3.5 BMC Software PATROL Enterprise Manager (PEM)

3.5.1 Integrating to PATROL Enterprise Manager

To integrate Patrol Enterprise Manager:

  1. Create an adapter for each instance of PEM on the network.

    For instructions, see Section 2.1, Creating an Adapter.

  2. Modify the adapter properties.

    For instructions, see Section A.6, BMC Software PATROL Enterprise Manager.

3.5.2 Integration Using a Secure Relay Connection

The PEM adapter can communicate with the PEM server using a relay connection to provide secure cross-host communications. The relay connection acts as an intermediary, accepting and delivering messages to one server to another.

All the relay connection components are installed automatically with the Operations Center product. Unzip the /OperationsCenter_install_path/Relay.zip file and use the following instructions to set up the relay connection between Operations Center and the server:

Setting Up the Relay Connection Between Operations Center and the PEM Server

To set up the relay connection between Operations center an the PEM server:

  1. Follow the instructions for installing the relay application in the readme.txt file on the Operations Center CD.

    This includes information on modifying the config/relay.properties file.

  2. Configure the PEM adapter properties that pertain to the relay.

    Note the following port requirements for using the relay connection:

    • The relay requires an open port for relay administration, set in the mosrelay.adminPort property in the /OperationsCenter_install_path/config/relay.properties file. This port might not be used for any other purpose.

    • In addition, configure each relay with its own port for each required listener configuration. Refer to the /OperationsCenter_install_path/config/relay.properties file for information on configuring relay listeners.

    Each relay is defined by a set of properties prefixed with mosrelay.relay_name, where relay_name is the name of the relay. Each relay definition must contain listener properties specifying how client connections are received. For required listener properties, see the /OperationsCenter_install_path/config/relay.properties file.

Setting Security Parameters

The mosrelay.relay_name.listener.security property specifies the security level for connections accepted on the listener port. The three valid values are:

  • ssl: All communications are encrypted with SSL.

  • sslWithClientAuth: SSL with client certification authentication.

  • unsecured: Clear text communications.

To support SSL, supply a trusted server certificate for the relay. If not using the default keystore in the /config directory, use the specified properties in relay.properties to point to the appropriate keystore.

Operations Center validates SSL certificate dates and flags certificates with expired dates or dates that are not yet valid.

If using self-signed certificates, the process for creating and trusting certificates is identical to the process for the Operations Center server.

If your relays are configured to verify client certificates, remember that the Operations Center server certificate must also be trusted by the VM running the relay.

On the adapter side, specify the following PEM adapter properties to transmit communications to/from the PEM server:

  • RelayServer: Name of the server on which the relay connection exists.

  • RelayPort: The port number configured for use by the PEM adapter for relay communications.

  • RelaySecurity: The security level for the relay server: SSL or unsecured (meaning use clear text, which is not case-sensitive).

Note there are three valid values in the config/relay.properties file and two valid settings for the RelaySecurity adapter property. Important points to remember about these two settings: If the adapter is set to SSL security, the relay can be set to SSL or sslWithClientAuth. The names are not case sensitive.

In the case of sslWithClientAuth, the relay requests and validates the Operations Center server certificate as part of the SSL handshake. In either case, the adapter should be set to SSL.

3.5.3 Querying Historical Alarms

The Query Alert History right-click option on the PEM adapter element enables users to query historical alarms in the PEM persistent store. The Query Alert History option provides a pop-up window for users to specify start and stop date/time boundaries for displaying historical alarms. The historical alarms display for the length of time specified by the AlarmAgeOutQueryExtDuration and AlarmAgeOutInSec adapter properties.

For more information, see Section A.0, Adapter Property Reference.