13.6 Configuring the SmartConnector

Perform the following steps for both instances of SmartConnector: the SmartConnector for audit event collection and the SmartConnector for entity change event collection.

  1. Change to the following directory:

    <SmartConnector Installation Directory>/current/bin

  2. Execute the following command:

    ./runagentsetup.sh

  3. Read through the warning, then enter yes to continue.

  4. Specify the following details:

    1. Enter a Unique Generator ID. If you press Enter without specifying a value, the connector will not have a Generator ID and the Global Event ID will be zero.

    2. Enter the corresponding number to either enable or disable FIPS Mode.

    3. Enter the corresponding number to disable Remote Management.

    4. Press Enter to accept the default port number for Remote Management Listener Port.

    5. Press Enter to select IPV4 as the Preferred IP Version.

    6. Enter Format Preserving Host URL[].

    7. Press Enter to disable the Format Preserving Encryption.

    8. Press Enter for Proxy Host (https).

    9. Press Enter for Proxy Port.

    10. Press Enter for Format Preserving Identity.

    11. Press Enter for Format Preserving Secret.

    12. Enter yes to confirm the values are correct.

    13. Read through the message for Unique Generator ID, then enter yes to continue.

  5. Read through the summary, then enter yes to continue.

  6. Select the corresponding number for Syslog NG Daemon as the SmartConnector Type and enter yes to confirm the value.

  7. Enter the following parameter details:

    1. For Network Port, enter the port number depending on the communication protocol you want to establish with the data source.

      NOTE: To allow communication, enable this port in the firewall as well.

    2. Specify the IP address of the device that the connector should listen to.

      Alternatively, to bind the connector to all available IP addresses, press Enter to accept the default.

    3. Specify the protocol.

      NOTE: If you are configuring the SmartConnector to receive entity change events from Identity Intelligence, select Raw TCP. If you are configuring the SmartConnector to receive audit events from Identity Manager, select TLS.

      To select TLS, enter the number corresponding to TLS.

    4. Press Enter to select the default value for Forwarder.

    5. Press Enter to accept the default value for IETF Standard (RFC 5424) Enabled.

    6. Enter yes to confirm the parameter values are correct.

  8. Enter the corresponding number for Transformation Hub as the destination type.

  9. Configure the destination parameters:

    1. For Initial Host:Port(s), enter the FQDN and port of Kafka.

      • For Raw TCP:

        <kafka_host_name>:9092

      • For SSL/TLS:

        <kafka_host_name>:9093

      NOTE: Ensure that the FQDNs of Kafka nodes resolve successfully.

    2. Press Enter to accept the default content type.

    3. Press Enter to accept th-cef as the default Topic.

    4. Press Enter to accept the default ESM version.

    5. Enter the corresponding number to select the Acknowledgment mode as none.

    6. (Conditional) If you want to configure one-way SSL authentication with Transformation Hub:

      Enter the number corresponding to true for Use SSL/TLS and provide the following information:

      1. SSL/TLS Trust Store file: Specify the full path to the truststore file that contains the CDF root CA certificate.

      2. SSL/TLS Trust Store password: Specify the password used to access the truststore file that contains the CDF root CA certificate.

    7. (Conditional) If you want to configure mutual SSL authentication with Transformation Hub:

      Enter the number corresponding to true for Use SSL/TLS and provide the following information:

      1. SSL/TLS Trust Store file: Specify the full path to the truststore file that contains the CDF root CA certificate.

      2. SSL/TLS Trust Store password: Specify the password used to access the truststore file that contains the CDF root CA certificate.

      3. Use SSL/TLS Authentication: Select Yes if you want Transformation Hub to authenticate the SmartConnector.

      4. SSL/TLS Key Store file: Specify the full path of the keystore file that contains the SSL private key and certificate.

      5. SSL/TLS Key Store pass: Specify the password to access the keystore file.

      6. SSL/TLS Key password: Specify the password to access the private key.

    8. Enter the number corresponding to the compression type to compress and send events to Transformation Hub.

    9. Enter yes to confirm the destination parameter values are correct.

  10. Enter the connector details:

    1. Enter the name of the SmartConnector.

    2. (Optional) Enter the Location, DeviceLocation, and Comment for the SmartConnector.

    3. Verify the connector details, enter yes to confirm the values are correct, and then enter yes to continue.

  11. To run the connector as a service, enter the corresponding number for Install as a service.

  12. Specify the service parameters.

    1. Enter a unique Service Internal Name.

    2. Enter a unique Service Display Name.

    3. Press Enter to accept the default settings to start the service automatically.

    4. Verify the service parameters and enter yes to confirm the values are correct.

  13. Read the Install Service Summary, then press Enter to continue.

  14. Start the SmartConnector using the following command:

    /etc/init.d/arc_<name of the SmartConnector> start

  15. (Conditional) If you want to configure Identity Manager to send audit events to multiple destinations such as Sentinel Log Manager for IGA and Identity Intelligence through the SmartConnector, complete the tasks mentioned in Configuring Additional Destination for Identity Manager Audit Events.

For more information, see the SmartConnector for Syslog NG Daemon Configuration Guide and the Configuring Connectors section in the SmartConnector User Guide.
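
A preflight check for the destination settings in step 9, as an added example that is not part of the product documentation: it confirms that the Kafka FQDN resolves and, for SSL/TLS, that the broker's certificate chain verifies against the certificates in the truststore you plan to give the wizard. The function names and the KAFKA_FQDN, KAFKA_MODE, TRUSTSTORE and TRUSTSTORE_PASS variables are assumptions of this example; it also assumes keytool and openssl are on the PATH and that the local keytool can read the truststore type.

```shell
#!/usr/bin/env bash
# Preflight for the Transformation Hub destination (steps 9.1, 9.6 and 9.7).
# Assumptions: keytool and openssl are on PATH; the truststore type is one
# the local keytool can read; TRUSTSTORE_PASS is exported by the operator.

# Map the chosen transport to the Kafka endpoint given in step 9.1.
kafka_endpoint() {  # usage: kafka_endpoint <kafka_fqdn> <tcp|tls>
  case "$2" in
    tcp) printf '%s:9092\n' "$1" ;;
    tls) printf '%s:9093\n' "$1" ;;
    *)   echo "unknown mode: $2 (expected tcp or tls)" >&2; return 2 ;;
  esac
}

# Step 9.1 NOTE: the Kafka FQDN must resolve on the connector host.
fqdn_resolves() { getent hosts "$1" >/dev/null 2>&1; }

# Dump every certificate in the truststore as PEM. The password is read from
# the environment (-storepass:env) so it never appears in the process list.
export_truststore_pem() {  # usage: export_truststore_pem <truststore> <out.pem>
  [ -r "$1" ] || { echo "cannot read truststore: $1" >&2; return 1; }
  keytool -list -rfc -keystore "$1" -storepass:env TRUSTSTORE_PASS > "$2"
}

# Handshake with the broker and fail unless its chain verifies against the PEM.
tls_chain_verifies() {  # usage: tls_chain_verifies <host:port> <ca.pem>
  openssl s_client -connect "$1" -servername "${1%%:*}" -CAfile "$2" \
    -verify_return_error </dev/null >/dev/null 2>&1
}

preflight() {  # usage: preflight <kafka_fqdn> <tcp|tls> [truststore]
  local ep pem
  ep=$(kafka_endpoint "$1" "$2") || return 2
  fqdn_resolves "$1" || { echo "FAIL: $1 does not resolve" >&2; return 1; }
  [ "$2" = tls ] || { echo "OK: $ep resolves (plaintext, no TLS check)"; return 0; }
  pem=$(mktemp) || return 1
  if export_truststore_pem "$3" "$pem" && tls_chain_verifies "$ep" "$pem"; then
    rm -f "$pem"; echo "OK: $ep verifies against $3"
  else
    rm -f "$pem"; echo "FAIL: $ep does not verify against $3" >&2; return 1
  fi
}

# Runs only when the operator supplies a broker name, e.g.
#   KAFKA_FQDN=<kafka_host_name> TRUSTSTORE=<path> TRUSTSTORE_PASS=... ./preflight.sh
if [ -n "${KAFKA_FQDN:-}" ]; then
  preflight "$KAFKA_FQDN" "${KAFKA_MODE:-tls}" "${TRUSTSTORE:-}"
fi
```

A FAIL on the TLS check before running the wizard usually means the truststore does not contain the CDF root CA certificate that signed the broker's certificate, or that the connector host reaches a different listener than intended.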