Sentinel is a Security Information and Event Management (SIEM) solution that receives information from many sources throughout an enterprise, standardizes it, prioritizes it, and presents it to you so that you can make threat, risk, and policy-related decisions. The Sentinel Web interface is the main user interface for viewing and interacting with this data.
Launch a supported Web browser (Internet Explorer 8 or Firefox 5).
Specify the URL of the Sentinel Web interface:
IP_Address/DNS_Sentinel_server is the IP address or DNS name of the Sentinel server and 8443 is the default port for the Sentinel server.
Log in as a user with permissions to access the desired feature.
If it is your first time logging in, log in with the administrator name and password specified during the installation.
For information on the various roles and permissions, see Section 2.0, Configuring Users and Roles.
By default, the username is admin. The password is specified during the installation of Sentinel. For more information, see NetIQ Sentinel 7.0.1 Installation and Configuration Guide.
The Sentinel Web interface allows you to configure your Sentinel system and administer features. There are two different types of options displayed in the Web interface:
The administration options are displayed in the toolbar if you are logged in as a user with an administrative role. The following are the administration options:
Collection: Allows you to configure data collection through event sources. For more information, see Section 6.0, Configuring Data Collection.
Storage: Allows you to configure how Sentinel stores all of the data it gathers. For more information, see Section 5.0, Configuring Data Storage.
Routing: Allows you to configure how events are automatically routed through the Sentinel system to rules or Actions. For more information, see Section 8.0, Configuring Event Routing Rules.
Users: Allows you to configure users and roles for managing Sentinel. For more information, see Section 2.0, Configuring Users and Roles.
Search Setup: Allows you to configure Sentinel to search other Sentinel and Sentinel Log Manager systems for events. For more information, see Section 13.0, Searching and Reporting Events in a Distributed Environment.
Downloads: The location where you can download the stand-alone installers for remote Collector Managers and Correlation Engines. For more information, see NetIQ Sentinel 7.0.1 Installation and Configuration Guide.
The user options are displayed on the left and at the end of the toolbar for users with the rights to the different features. If you log in as a user without the rights to a feature, the feature is not displayed. The following are the user options:
Logged in User Name: Displays the name of the user that you used to log in to Sentinel. You can edit information about the user, change the user’s password, or see additional information about the user in this link.
Help: Provides links to the Sentinel 7.0 documentation Web site, Sentinel API, Sentinel Help Portal, and Sentinel Database Schema.
About: Displays the version, copyright information, and license information for Sentinel.
Application: The location where you launch the Sentinel Control Center (SCC) and the Solution Designer. For more information about the SCC, see Section 1.2, Sentinel Control Center. For more information about the Solution Designer, see Section 1.4, Solution Designer.
Security Intelligence: Allows you to perform statistical analysis for trends in the data gathered by Sentinel. For more information, see NetIQ Sentinel 7.0.1 User Guide.
People: Integrates Sentinel with Novell Identity Manager to track each user’s account identity information and the status of the account. A user account can have one or more identities per system in the IT environment. For more information, see NetIQ Sentinel 7.0.1 User Guide.
Correlation: Allows you to correlate a set of similar or comparable events in a given period with the rules you create and deploy in the Correlation Engine so you can take appropriate action to mitigate any situation. For more information, see NetIQ Sentinel 7.0.1 User Guide.
Tags: Allows you to tag all data collection objects such as Event sources, Servers, Collector Managers, Collector plug-ins, report templates, and report results. Tags are user-defined values that can be used to logically group data collection objects within the Sentinel system. You can search for events, report templates, and report definitions based on tags. For more information, see NetIQ Sentinel 7.0.1 User Guide.