The Event Source Management (ESM) panel provides a set of tools to manage and monitor connections between Sentinel and the event sources which are providing data to Sentinel. The graphical interface shows at a glance the current event sources and the software components that are processing data from that event source. Each component can be easily deployed to quickly integrate the devices in the enterprise, and then can be monitored in real time within the ESM interface.
NOTE:You need to have appropriate permissions to access this tab. Only a Sentinel Administrator has controls to enable/disable access to the ESM panel for other users.
Through ESM, you can:
Add/edit connections to event sources using Configuration wizards.
View the real-time status of the connections to event sources.
Import/export configuration of event sources to or from Live View/Scratchpad.
View and configure Connectors and Collectors that are installed with Sentinel
Import/export Connectors and Collectors from or to a centralized repository
Monitor data flowing through the Collectors and Connectors
Debug Collectors
Design, configure and create the components of the Event Source Hierarchy, and execute required actions using these components. For more information, see Section 10.3, Live View.
A plugin is a package of code that provides additional functionality to Sentinel; ESM leverages two types of plugins called Collectors (Scripts) and Connectors. Implementing these features as plugins allows Novell to deliver enhancements to our event collection system without the need to deliver a new version of the Sentinel platform.
Collector: The Collector plugin adds the ability to parse raw data from an Event Source. This is similar to the Collector in Sentinel 5, however in Sentinel 6 the plugin also provides additional meta-data to enable the ESM panel to prompt the user for parameter values as well as enable ESM to automatically select supported connection methods that work well with the Collector. This meta-data is added to the Collector plugin by the plugin developer. Collectors are written using JavaScript or our legacy scripting language and as such are sometimes called “Scripts.”
Connector: In Sentinel 6, all Connectors are pluggable. A Connector plugin contains both the implementation of the connection mechanism used to gather data from an event source as well as the GUI screens needed to configure the Connector. This allows for a user to easily add additional Connectors to Sentinel.
Hot Fixes and New Functionality: In the future, some Sentinel enhancements and defect fixes might be available as plugins.
After you import a plugin into Sentinel, it is centrally stored in the Plugin Repository. The appropriate Sentinel component on other machines automatically starts using the plugin.
Some plugins, such as database Connectors, require one or more auxiliary files in order to function. Auxiliary files are typically files that can not be shipped by Novell within the standard plugin such as user-specific configuration files or third party libraries that require specific licenses. In all cases the documentation for the plugin will include detailed instructions about which auxiliary files are necessary and where they can be obtained.
Select the plugin to which the Auxiliary file will be added and then click Add Auxiliary File.
A wizard guides users through the process of importing the Auxiliary file.