Testing The Installation - Novell SENTINEL 6.1 SP2 - INSTALLATION GUIDE 02-2010 Installation Manual

Testing the Installation

4
Section 4.1, "Testing the Installation," on page 71

 Section 4.2, "Clean Up from Testing," on page 79
Section 4.3, "Getting Started," on page 80

4.1 Testing the Installation
Sentinel is installed with a demonstration collector that can be used to test many of the basic
functions of the system. Using this collector, you can test Active Views, Incident creation,
Correlation rules, and Reports. The following procedure describes the steps to test the system and
the expected results. You might not see the exact events, but your results should be similar to the
results below.
At a basic level, these tests allow you to confirm the following:
Sentinel Services are up and running

Communication over the message bus is functional

 Internal audit events are being sent
Events can be sent from a Collector Manager

Events are being inserted into the database and can be retrieved using either Historical Event

Query or the Crystal Reports
Incidents can be created and viewed

The Correlation Engine is evaluating rules and triggering correlated events

 The Sentinel Data Manager can connect to the database and read partition information
If any of these tests fail, review the installation log and other log files, and contact
Support (http://support.novell.com/phone.html?sourceidint=suplnav4_phonesup), if necessary.
To test the installation:
1 Start the Sentinel Control Center:
Windows: Double-click the Sentinel Control Center icon on the desktop.

Linux/Solaris: Log in as an admin user (esecadm), change the directory to

and run
bin ./control_center.sh
and press Enter.
2 Log in to the system as an admin user (esecadm by default).
The Sentinel Control Center opens and you can see the events in the Active Views filtered by
public filters: Internal_Events and High_Severity.
from the command prompt. Specify the credentials
4
Novell Technical
$ESEC_HOME/
Testing the Installation 71