Novell SENTINEL LOG MANAGER 1.0.0.5 - INSTALLATION GUIDE 03-31-2010 Installation Manual

AUTHORIZED DOCUMENTATION
Installation Guide
Novell® Sentinel Log Manager 1.0.0.5
March 31, 2010
www.novell.com


Summary of Contents for Novell SENTINEL LOG MANAGER 1.0.0.5 - INSTALLATION GUIDE 03-31-2010

  • Page 1 AUTHORIZED DOCUMENTATION Installation Guide Novell ® Sentinel Log Manager 1.0.0.5 1.0.0.5 March 31, 2010 www.novell.com Sentinel Log Manager 1.0.0.5 Installation Guide...
  • Page 2 Further, Novell, Inc., reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes.
  • Page 3 Novell Trademarks For Novell trademarks, see the Novell Trademark and Service Mark list (http://www.novell.com/company/legal/ trademarks/tmlist.html). Third-Party Materials All third-party trademarks are the property of their respective owners.
  • Page 5: About This Guide

    Sentinel Log Manager 1.0.0.4 Administration Guide. Documentation Conventions In Novell documentation, a greater-than symbol (>) is used to separate actions within a step and items in a cross-reference path. A trademark symbol (®, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party trademark.
  • Page 7: Table Of Contents

    1.1.3 Novell Sentinel Log Manager 1.0 Features (page 11); Novell Sentinel Log Manager Interface
  • Page 9: Introduction

    500 EPS Version of Sentinel Log Manager The Novell Sentinel Log Manager is now available in a 500 EPS (events per second) version. The 500 EPS version is suitable for small deployments with only one Sentinel Log Manager server and a low event rate.
  • Page 10 “Enhancements to the Search Result User Interface” on page 10 “New User Interface for Actions” on page 10 “Enhancement to the Admin User Interface” on page 11 New Data Collection User Interface The new and enhanced data collection user interface enables you to perform several new tasks: Refine all the event sources by using the new Event Sources screen.
  • Page 11: Novell Sentinel Log Manager 1.0 Features

    Novell Sentinel Log Manager contains enhanced web-based user interface support for Syslog and Novell Audit connectivity to make it even easier to start collecting logs from event sources. You can direct all the logs to Sentinel Log Manager.
  • Page 12 Novell Sentinel Log Manager Guide. Data Storage and Management Novell Sentinel Log Manager stores all of the log data in a compressed file format. Data can be archived locally or on a remotely-mounted CIFS or NFS share. You can set up data retention policies to configure the system to keep some data for longer time periods and other data for shorter time periods.
  • Page 13: Novell Sentinel Log Manager Interface

    Novell Sentinel Log Manager Guide. 1.2 Novell Sentinel Log Manager Interface You can use the Novell Sentinel Log Manager Web interface to perform the following tasks: Search for events Save the search criteria as a report template...
  • Page 14: Architecture

    Figure 1-1 Novell Sentinel Log Manager Interface. 1.3 Architecture: The following illustration depicts the architecture of Novell Sentinel Log Manager:
  • Page 15 [Figure: architecture diagram; labels include SSL Proxy, Tomcat Servlet Container, Communication, Remoting, https, Client, Collector Manager, Firefox/Internet Explorer, Swing UI, Java Web Start] Novell Sentinel Log Manager architecture comprises components that perform data collection, data storage, search, and reporting by using the user interfaces.
  • Page 16: Terminologies

    Data Collection: Novell Sentinel Log Manager collects data with the help of connectors. These connectors obtain data from device logs, and collectors parse device log data into a standardized format. Data Storage: The data flows from data collection components to data storage components. These components use a file based data storage and indexing system to keep device log data and a PostgreSQL database to keep Novell Sentinel Log Manager configuration data.
  • Page 17 Raw Data: Raw data varies from Connector to Connector because of the format of the data stored on the device. The system processes a record or data at a time. The raw data contains the information about the raw data message, raw data (record) ID, time the raw data was received (as stamped by the Collector Manager), IDs of the event source, Connector, Collector, and Collector Manager node IDs and a SHA-256 hash of the raw data.
  • Page 19: System Requirements

    A single server may cater to different event sources. For example, a Windows server could collect data from the Windows platform and also from an SQL server database hosted on it. Novell recommends the following hardware requirements for a production system that holds 90 days of online data:...
  • Page 20: Collector Manager

    You must set up the archive location on an external multi-drive storage area network (SAN) or network-attached storage (NAS). The recommended steady state volume is 80% of the maximum licensed EPS. Novell recommends that you add additional Sentinel Log Manager instances if this limit is reached.
  • Page 21: Supported Operating Systems

    2.1.4 Virtual Environment Sentinel Log Manager has been extensively tested on VMWare* ESX Server, and Novell fully supports Sentinel Log Manager in this environment. Performance results in a virtual environment can be comparable to the results achieved in tests on a physical machine, but the virtual environment should provide the same memory, CPU, disk space, and I/O as the physical machine recommendations.
  • Page 22: Supported Browsers

    In Microsoft* Internet Explorer* 8, set the security level to the default level (Medium-high) by navigating to Tools > Internet Options > Security tab > Security levels. If the Internet Security Level is set to High, then only a blank page appears after logging in to Novell Sentinel Log Manager.
  • Page 23: Supported Event Sources

    NOTE: The Mainframe and SAP Connectors require a separate license. 2.5 Supported Event Sources All event sources (devices) are supported, if there is a suitable connector to access their data. Novell Sentinel Log Manager provides collectors for many event sources. These collectors perform deep parsing of recognized events coming from the event sources.
  • Page 24 Microsoft SQL Server* (2005 and 2008) Nortel VPN (1750, 2700, 2750, and 5000) Novell Access Manager 3.1 Novell Identity Manager 3.6.1 Novell Netware 6.5 Novell Modular Authentication Services 3.3 Novell Open Enterprise Server 2.0.2 Novell Privileged User Manager 2.2.1 Novell Sentinel Link 1 ®...
  • Page 25 NOTE: To enable data collection from the Novell iManager and Novell Netware 6.5 event sources, add an instance of a collector and a child connector (Audit connector) in the Event Source Management interface for each of the event sources. Once this is done, these event sources appear in the Sentinel Log Manager web console under the Audit Server tab.
  • Page 27: Installing And Uninstalling Novell Sentinel Log Manager

    Section 3.1, “System Prerequisites,” on page 27 Section 3.2, “Installing on an Existing Operating System,” on page 28 Section 3.3, “Logging in to Novell Sentinel Log Manager,” on page 30 Section 3.4, “Configuring Archive Server Settings,” on page 30 Section 3.5, “Installing Additional Collector Managers,” on page 33 Section 3.6, “Post-Installation Configurations,”...
  • Page 28: Installing On An Existing Operating System

    The installation creates a novell group and novell user, if they do not already exist. NOTE: The novell user is created without a password. If you want to log in as the novell user later (for example, to install patches), create a password for this user after the installation is completed.
  • Page 29: Non-Root Installation

    , most of the installation steps can be run as another user. The installation scripts provided root with Sentinel Log Manager and instructions in this documentation assume that the installation is run by using the novell user and novell group and that the installation directory is /opt/novell. 1 Download or copy to the directory.
  • Page 30: Logging In To Novell Sentinel Log Manager

    17 Specify the root password. Novell Sentinel Log Manager is configured to start with runlevels 3 and 5 (Multi-User Mode with boot-up in console or X-Windows mode). 18 Execute the bin/config_firewall.sh script to enable port forwarding from ports less than...
  • Page 31: Cifs Configuration

    The NFS server must have a user and a group with a UID and a GID that correspond to the novell user and group on the Sentinel Log Manager server.
  • Page 32 , which can be resolved by the NFS server. manager-server The archive destination directory on the NFS server must be owned by the novell user and group. In the following examples, the archive destination is /archive user on the Sentinel Log Manager server must be mapped to the novell user and root group on the NFS server.
  • Page 33: Installing Additional Collector Managers

    2 Click the collection link at the upper left corner of the page. 3 Click the Advanced tab. 4 On clicking the Download Installer link, an Opening scm_installer.zip window is displayed with the option to save the scm_installer.zip file on your local machine.
  • Page 34 5 Extract the install script from the scm_installer.zip file and install the Sentinel Collector Manager on the machine from which you want to forward the events: Platform: Windows. Action: Extract the scm_installer.zip file. The files are extracted to a directory named disk1.
  • Page 35 8 Read the Welcome screen, then click Next to install the Sentinel 6.1 on your system. 9 The Novell Software License Agreement wizard is displayed. Read the End User License Agreement. Select the I accept the terms of the license agreement option, then click Next.
  • Page 36 Custom Memory Configuration: Click Configure to fine-tune memory allocations. This option is only available if there is sufficient memory on the machine. 14 Summary screen with the features selected for installation is displayed. Click Install to install the Sentinel 6.1. 15 After the installation, you are prompted to enter the username and password that are used by ActiveMQ JMS strategy to connect to the broker.
  • Page 37: Post-Installation Configurations

    4 Delete the Sentinel Log Manager home directory and its contents. rm -rf /opt/novell/sentinel_log_mgr_1.0_x86-64 If you want to retain or remove any information related to the novell user and group, use the following steps: 5 (Conditional) If you do not want to retain any information related to the novell user, run the following command to remove the user, its home directory, and the group: userdel -r novell &&...
  • Page 38 ~novell/.pgpass *:*:*:dbauser:password The dbauser password is shown in clear text, but the contents of this file are only visible to the novell and root users, who already have full access to all functions on the Sentinel Log Manager server.
