Integrators are plug-ins that can be used in Sentinel to extend the features and functionality of Sentinel remediation actions. Integrators allow Sentinel to connect to external systems, such as an LDAP server, SMTP server, or SOAP server. Actions use Integrators to interact with other systems. For example, you can set an attribute in Novell eDirectory, an LDAP server, to enable or disable a user, edit details, and so on. You can also start an Identity Manager workflow, such as a provisioning request, by using SOAP calls.
The general process for using an Integrator to perform remediation actions involves the following steps:
Determine the best type of Integrator to access the external system with which you want to interact.
Import and configure the appropriate Integrator to connect to the external system. Or, you can use the Integrators that are configured by default.
Configure the appropriate Action. Or, you can use the Actions that are configured by default.
For more information, see Section 9.0, Configuring Actions.
Perform additional configuration, if desired, to associate the action with a deployed correlation rule or an event menu action.
The action is executed:
When an associated correlation rule fires.
When you execute actions on the selected events in the Sentinel Web interface > tab.
When you execute actions on the selected Incident in the Sentinel Control Center > .
When a you select an action for the selected event in the Sentinel Control Center > > right-click menu.
For more information on specific Integrators, see the documentation that is available with the Integrators. Alternatively, you can view a specific Integrator’s documentation by clicking the button in the Integrator Manager after configuring that Integrator.
NOTE:Only users in the administrator role can configure and manage Integrators.