This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Sentinel Product...nobody
Sentinel Product

Version management

Difference between version and

At line 1 added 81 lines
My experience.
Setup the Logmanager v1.0 product.
Considerable confusion on what platform agent ot use.
Most comments in the forums said not to use the Sentinel agent, but rather the Audit Agent.
!!The WMI connector for Windows
The dialog shows information showing the LDAP port. (389/636) and one would surmise that the connection would be LDAP. I tried every thing I could think of to put in for Name and password and domain with no success.
Finally, used:
* Name: Administrator
* password:
* Domain: mad.willeke.com
And it worked. Why, why, WHY do companies not provide some sort of dialog help for these things.!!! Platform Agents
!Stopping LCache
A new option to stop LCache has been added. To stop LCache, use the following command:
{{{
kill -TERM `pgrep lcache`
}}}
This option is introduced due to the following issues:
* LCache is not stopped when the logging application is stopped.
* Modifying the LCache configuration in logevent.conf file does not take effect unless you restart LCache.
!Logging Cache Module Startup
The Logging Cache Module (lcache) writes events to the Disconnected Mode Cache if the connection between the Platform Agent and the Secure Logging Server fails. It is installed with logevent on every server running applications that log events to Novell Audit.
On NetWare® and Windows, logevent automatically loads lcache. On Linux, the eDirectory™ instrumentation, auditDS, automatically loads lcache. In some circumstances, on Linux and Solaris systems, lcache must be manually loaded.
To load lcache on Linux systems, enter
{{{
/opt/novell/naudit/lcache
}}}
To load lcache on Solaris systems, enter
{{{
/opt/NOVLnaudit/lcache
}}}
!!!Collectors
[http://support.novell.com/products/sentinel/secure/sentinel61.html]!!Edirectory Instrumentation
eDirectory Instrumentation is not installed by default. It is provided in the eDirectory install package.
To install you may need to force install as the default setup want to use the Sentinel platform agent.
{{{
rpm -Uvh --nodeps novell-AUDTedirinst-8.8.5-12.i586.rpm
}}}
!Start the eDirectory Instrumentation
{{{
ndstrace -c "load auditds"
}}}
! Stop eDirectory Instrumentation
{{{
ndstrace -c "unload auditds"
}}}
! Check eDirectory Instrumentation
{{{
ndstrace -c modules |grep auditds
auditds Running
}}}!! Windows WMI Connector
The collector must run on a Windows Machine. The docs say; "Windows-based Sentinel 6 Collector Manager with the latest service pack applied".!![Novell SUSE Linux Enterprise Server Sentinel Collector]
[Novell SUSE Linux Enterprise Server Sentinel Collector]
!![Novell IDM Sentinel Collector]
[Novell IDM Sentinel Collector]
!!! Summary at this point
Sentinel has turned out to be just as I had feared for a number of years.
A product which requires a full time, highly EXPERIENCED specialists to setup and maintain.
I am, at this point, afraid to recommend the product to clients, or would have to severely warn them as to the extent and effort of the deployment and ongoing effort to maintain the product to obtain the level of results that the Novell sales machine promises.
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop