Sentinel

This cool solution explains how Sentinel can be configured to forward events from Sentinel or Access Manager Analytics Server to third-party syslog servers such as Splunk and ArcSight. By default, Splunk runs Syslog on UDP 514 and TCP 1514. These ports may be different in your Splunk environment…

By: vjohari
Oct 3, 2018
4:22 pm
Reads:
378
Score:
Unrated

AbuseIPDB is a project dedicated to helping combat the spread of hackers, spammers, and abusive activity on the internet. Correlated events in Sentinel can be automatically provisioned to AbuseIPDB using the following script with the Execute Action. Due to Bug # 944428, you will require Execute a Command 2011.1r2 or later.

ScorpionSting
Aug 10, 2018
4:24 pm
Reads:
618
Score:
5

Recently I had a need for encrypting the e-mail notifications that Sentinel sends from e.g. correlation rules. The e-mails were going to be sent outside the organization to an external e-mail address, and the requirement was that only the recipient should be able to read the messages, which of course presents a problem when using…

Apr 9, 2018
9:08 am
Reads:
868
Score:
Unrated

Sentinel Link Collector 2011.1r3 and Syslog Integrator 2018.1r1 are now available. Get the details here…

Feb 20, 2018
12:59 pm
Reads:
1,124
Score:
Unrated

This article explains the procedure to migrate the Sentinel event and raw data with less downtime.

Jul 17, 2017
8:15 am
Reads:
1,342
Score:
Unrated

This article explains the steps to migrate the old Remote Collector Manager (RCM) to new hardware. Here is the use case we used…

Jul 13, 2017
12:13 pm
Reads:
998
Score:
Unrated

NetIQ_Access_Manager_Solution_Pack_2011.1r2_sample_pdfs contains sample reports for the complete set of reports found in the NetIQ Access Manager Solution Pack (version 2011.1r2).

Jul 11, 2017
10:15 am
Reads:
1,069
Score:
Unrated

NetIQ_SecureLogin_Solution_Pack_2011.1r1_sample_pdfs contains sample reports for the complete set of reports found in the NetIQ SecureLogin Solution Pack (version 2011.1r1).

Jul 11, 2017
10:14 am
Reads:
1,198
Score:
Unrated

Why a wildcard certificate? The general advantage of a wildcard certificate is that the same certificate can be used for multiple subdomains of a domain. It is cheaper and more convenient than buying a certificate for each domain…

Jun 28, 2017
3:56 pm
Reads:
1,425
Score:
5

By default, Sentinel creates a self-signed certificate that is valid for 100 years. For security reasons, the SSL certificate should be signed by a Certificate Authority. This document describes the steps involved in creating a custom certificate for Sentinel with a third-party CA.

Jun 22, 2017
3:19 pm
Reads:
2,055
Score:
1.5