13.3 Sentinel Scripts

Depending upon which components are installed, the $ESEC_HOME/bin (on UNIX) or %ESEC_HOME%\bin (on Windows) directory might contain some or all of the scripts below. The operational scripts are appropriate for use during normal operations of Sentinel. The troubleshooting scripts should only be used when troubleshooting an issue.

For most scripts that require arguments, running the scripts without arguments provides details about the arguments and usage of the script.

13.3.1 Operational Scripts

The scripts below can be used during the normal operation of Sentinel.

Table 13-1 Operational Scripts

Script File:	Description:
adv_change_passwd.bat adv_change_passwd.sh	Resets the encrypted Advisor password stored in the Advisor configuration files. For more information, see Section 8.7, Resetting the Advisor Password.
advisor.bat advisor.sh	Starts the Internet download and processing of Advisor feed data. This script is scheduled to run automatically when Advisor is installed.
AnalyzePartitions.sh	Runs the analyze partitions action on the Sentinel Database. This script is only available for Sentinel Database running on Oracle.
BackupIncidentData.bat BackupIncidentData.sh	Used to backup Incident related data before running the delete incident utilities. For more information, contact Novell Technical Support.
Clean_Database.bat Clean_Database.sh	Used to delete Incident and/or Identity information from the database. For more information, see Section 13.5, Database Backup and Cleanup.
control_center.bat control_center.sh	Launches the Sentinel Control Center graphical user interface.
CreateStartStop	Creates start/stop scripts for Oracle 10
dbconfig.bat dbconfig	Configures the database connection settings stored in the DAS container xml files. For more information, see section Reconfiguring Database Connection Properties in the Sentinel 6.1 Reference Guide.
dbHealthCheck.sh	Displays Sentinel Database health information. This script is only available for Sentinel Database running on Oracle.
esm_manager.bat esm_manager.sh	Starts, stops, or restarts any of the Event Source Management nodes. Available in Sentinel 6.0 SP1 and above.
extconfig.bat extconfig	Resets any of the encrypted 3rd Party Integration passwords stored in the das_query.xml file. For more information, see section Resetting the Remedy Password in the Remedy Help Desk Operations.
keymgr.bat keymgr.sh	Generates a random encryption key to be used to encrypt messages in transport over the iSCALE message bus. For more information, see the section Changing the Communication Encryption Key of Communication Layer (iSCALE) in Sentinel 6.1 Installation Guide.
map_updater.bat map_updater.sh	Uploads contents of a map to Sentinel
proxy_passwd_update.bat proxy_passwd_update.sh	Changes the password used for the proxy server if Advisor is downloading information through a proxy server.
register_trusted_client.bat register_trusted_client.sh	Registers the Sentinel installation as a trusted client of the Communication Server on the machine where this script is run. This script is used when manually configuring Collector Manager to connect to Sentinel through the proxy. For more information, see section Collector Manager in Communication Layer (iSCALE) in Sentinel 6.1 Installation Guide.
runadvisor_client.bat runadvisor_client.sh	Launches the client to download Advisor data.
sdm.bat sdm	Launches the Sentinel Data Manager application. For more information, see Section 12.0, Sentinel Data Manager.
sentinel.sh sentinel.bat	Starts or stops the Sentinel Server. For more information, see Section 13.2, Starting and Stopping the Sentinel Server.
setadvenv.bat setadvenv.sh	Used by the Advisor scripts to set some local environment variables.
setenv.sh	Used by many of the Sentinel scripts to set some local environment variables.
softwarekey.bat softwarekey.sh	Resets the Sentinel license key. For more information, see Section 13.6, Updating Your License Key.
solution_designer.bat solution_designer.sh	Starts the Solution Designer application.
uninstallAt.bat uninstallcron.sh	Removes the Advisor feed download and processing scheduled jobs. This script is run automatically by the uninstaller.
versionreader.bat versionreader.sh	Displays the version information stored in a Sentinel jar file. For more information, see Section 13.4.3, Sentinel .jar Version Information.

13.3.2 Troubleshooting Scripts

The scripts below are useful when troubleshooting an issue you are experiencing. They provide finer grain control of certain components in Sentinel, allowing you to drill down to the root cause of the issue.

NOTE:These scripts should not be used during normal operation of Sentinel. They are intended for troubleshooting purposes.

Table 13-2 Troubleshooting Scripts

Script File:	Description:
collector_mgr.bat collector_mgr correlation_engine.bat correlation_engine das_aggregation.bat das_aggregation das_binary.bat das_binary das_cmd.bat das_cmd das_itrac.bat das_itrac das_query.bat das_query das_rt.bat das_rt	Starts the associated Sentinel Server process. These scripts are useful when troubleshooting a problem with a Sentinel Server process that is not running properly and when no helpful error message is written to the log file. Before running one of these scripts, make sure the associated process is not already running on that machine.
event_file_info.bat event_file_info	Displays information about an event file that will be processed by DAS Aggregation.
list_broker_connections.bat list_broker_connections	Displays all of the active connections to the iSCALE message bus.
remove_sonic_lock.bat	Removes Sonic lock files in the event of an abnormal shutdown.
start_broker.bat start_broker.sh	Starts the message bus component of the Communication Server. This script is useful if you are having problems starting the message bus (Sonic). For more information, see Starting the Communication Server in Console Mode.
StartSQLAgent.bat	Starts the SQL Server Agent Service and configures it to run automatically. This script is run automatically by the installer.
stop_broker.bat stop_broker.sh	Stops the message bus component of the Communication Server. For more information, see Stopping the Communication Server in Console Mode.
stop_container.bat stop_container.sh	Stops a particular Sentinel Server process. This is useful when you need to restart a particular Sentinel Server process without stopping the entire Sentinel Server. Please note that the Sentinel Server watchdog will automatically restart the process after it is stopped. For more information, see Restarting Sentinel Containers.

Starting the Communication Server in Console Mode

These scripts start the Communication Server on the command line in console mode. These scripts are useful for debugging the Communication Server without requiring you to run the rest of Sentinel Server.

NOTE:During normal operations, you should not use these scripts. Instead, follow the procedures in the Section 13.2.1, Starting a Sentinel Server. If you use these scripts on Windows, for example, the service will only run as long as the Command Prompt window remains open.

To start the Communication Server (Windows):

Either go or navigate through Windows Explorer to:
```
%ESEC_HOME%\bin
```
Either double-click (through Windows Explorer) or execute the following file:
```
start_broker.bat
```

To start the Communication Server (UNIX):

Login as Sentinel Administrator operating system user (default is esecadm).
Go to:
```
$ESEC_HOME/bin
```
Specify:
```
./start_broker.sh
```

Stopping the Communication Server in Console Mode

These scripts stop the Communication Server on the command line in console mode. These scripts are useful for troubleshooting the Communication Server without forcing you to stop the rest of Sentinel Server.

NOTE:During normal operations, you should not use these scripts. Instead, follow the procedures in the Section 13.2.2, Stopping a Sentinel Server.

To stop the Communication Server (Windows):

Either go or navigate through Windows Explorer to:
```
%ESEC_HOME%\bin
```
Either double-click (through Windows Explorer) or execute the following file:
```
stop_broker.bat
```

To stop the Communication Server (UNIX):

Login as user Sentinel Administrator operating system user (default is esecadm).
Go to:
```
$ESEC_HOME/bin
```
Specify:
```
./stop_broker.sh
```

Restarting Sentinel Containers

The following procedures describe how to restart a Sentinel Server process from the command line.

NOTE:During normal operations, you should not use these scripts. Instead, use theServers View in the Admin tab of Sentinel Control Center.

Below are the names of the Sentinel Server processes that can be restarted using the procedure described below. The name must be used in the command line exactly as shown below.

Table 13-3 Sentinel Server process names

Name	Description
Correlation_Engine	Processes Correlation Rules.
Collector_Manager	Process raw event source data and sends events.
DAS_Aggregation	Calculates event data summaries that are used in reports.
DAS_Binary	Performs event database insertion.
DAS_iTRAC	Provides the server-side functionality for the Sentinel iTRAC functionality.
DAS_Proxy	Provides the server-side of the SSL proxy connection to Sentinel Server
DAS_Query	Performs general Sentinel Service operations including Login and Historical Query.
DAS_RT	Provides the server-side functionality for Active Views.

To restart a Sentinel Server process (Windows):

Go to:
```
%ESEC_HOME%\bin
```

Specify:

.\stop_container.bat <host machine> <process name>

For example:

.\stop_container.bat localhost DAS_RT

To restart a Sentinel Container (UNIX):

Login as user Sentinel Administrator operating system user (default is esecadm).
Go to:
```
$ESEC_HOME/bin
```

Specify:

./stop_container.sh <host machine> <process name>

For example:

./stop_container.sh localhost DAS_RT