C.2 Collector Manager - Novell SENTINEL 6.1 SP2 - REFERENCE GUIDE 02-2010 Reference Manual

C.2 Collector Manager

Collector Manager
Table C-2
Sentinel
Component
Collector
Manager
202 Sentinel 6.1 Reference Guide
Sentinel
Sentinel Service
Process
Sentinel java
agentengine
(child process)
Function Permissions
summary required
Manages Network access
Connectors and
(both outgoing
Collectors. It access and
spawns off an local access to
agentengine bind to ports
process for greater than
each Collector it 1024)
manages.
File read
Collector
access to:
Manager also
publishes

ESEC_HOME
system status
/config
messages,

ESEC_HOME
performs global
/lib
filtering of
events, and

ESEC_HOME
performs
/jre
referential
mappings. The
File write
agentengine
access to:
process runs as

ESEC_HOME
an interpreter
/data
for Collector
scripts, which

ESEC_HOME
normalize
/log
unprocessed
(raw) events
NOTE:
from security
devices and
Additionally, will
systems
need access to
producing
other resources
event,
depending
vulnerability,
which
and asset data
Connectors it is
that Sentinel
configured to
can analyze
run and which
and store in its
Event Sources
database.
it connecting to.
Please refer to
the individual
Connector
documentation
for any
additional
permission
requirements.
Permission
Explanation
It
communicates
with iSCALE for
configuration,
event
processing, and
mapping data.
It reads local
configuration
files and uses
the java
executable.
It writes log files
as well as
caches data in
the local file
system.