This document describes how to install and configure the Aegis Adapter for Sentinel.
For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see https://www.netiq.com/company/legal/.
© 2016 NetIQ Corporation. All Rights Reserved.
The Aegis Adapter for Sentinel (Sentinel adapter) allows Aegis to communicate with Sentinel to:
Receive alerts and initiate work items. If an alert received from Sentinel matches a trigger associated with a workflow, Aegis initiates a work item.
Call and initiate Sentinel actions through the Sentinel REST Application Programming Interface (API). For more information about the Sentinel REST API, see http://www.novell.com/developer/plugin-sdk/ref/restapi/7.0/#DataObject_REST_API.
The Sentinel adapter also includes Aegis workflow activities specific to Sentinel that Process Authors can use in the Workflow Designer.
For more information about activities or activity libraries, see the Process Authoring Guide for Aegis.
The Sentinel adapter requires the following software versions.
|
Component |
Version |
|---|---|
|
Sentinel |
Version 7.4.0.0 or later. Install on a computer with network access to the computer where you want to install the Sentinel adapter. Ensure you install the latest hotfixes and patches for the version you are using in your environment. |
|
Aegis |
One of the following versions installed on a computer with network access to the Sentinel adapter and the NetIQ Resource Management Namespace Provider:
|
The Sentinel adapter uses port 8443 on the Sentinel server computer to communicate with Aegis.
The following table provides an overview of tasks to install and configure the Sentinel adapter.
|
Steps |
For more information, see… |
|---|---|---|
|
☐ |
|
|
|
☐ |
|
|
|
☐ |
|
|
|
☐ |
|
When you install the Sentinel adapter, you must specify an account that has a minimum of Manage All Alerts privileges in Sentinel. The logon account allows the Sentinel adapter to communicate with the specified Sentinel server.
You must install the Sentinel adapter on an Aegis Server computer. You cannot install the adapter remotely.
Log on to the Aegis Server computer with a local administrator account.
(Conditional) To install the adapter on a cluster, log on to the active node.
Run the Aegis Adapter for Sentinel setup program (AegisAdapterforSentinel.exe) located in the Sentinel installation kit in the Installer folder under the subfolder appropriate for your locale.
Follow the instructions in the wizard, and then click Finish.
(Conditional) To install the adapter on a cluster, repeat this procedure on each passive node in the cluster.
When the installation is complete, you can configure additional Sentinel servers with the Aegis Adapter Configuration Utility.
Log on to the Aegis Server computer with a local administrator account.
In the NetIQ program group, click NetIQ > Aegis > Aegis Adapter Configuration Utility.
In the left pane, expand Sentinel Servers.
On the Edit menu, click New Entry.
Provide the appropriate information, and then click Validate Credentials.
Save the Sentinel server information.
Repeat Step 3 through Step 6 for each server you need to add.
Close the Aegis Adapter Configuration Utility.
The setup program for the Sentinel adapter installs a new event type that you can use to create triggers and triggering event definitions. To verify a successful installation, check the new event type in the Aegis Configuration Console.
Start the Aegis Configuration Console.
For more information about starting the Configuration Console, see the Administrator Guide for Aegis.
In the Navigation pane, click Administration.
In the left pane, click Triggering Event Definitions.
In the Event Definitions View Tasks list, click Create New Event Definition.
On the Create Triggering Event Definition window, click <event type>.
Ensure Sentinel.Alert is in the list of available event types.
After verifying a successful installation, build a simple workflow with one of the activities in the Sentinel Activities library. For more information about building workflows, see the Process Authoring Guide for Aegis.
The activities in the Sentinel Activities library allow Aegis to perform the following types of tasks, among others:
Retrieve the attributes for specific alerts
Retrieve the events related to a specific alert
Query the knowledge base and retrieve comments
Create, update, or close an alert
Add comments to an alert
Promote an alert to an incident
You can see all available activities by looking at the Sentinel Activities library in the Aegis Workflow Designer. For more information about each activity, see the Help.
To uninstall the Sentinel adapter, use the Windows Add/Remove Programs tool.