Terminologies; Section 1.4, "Terminologies" - Novell SENTINEL LOG MANAGER 1.0.0.5 - INSTALLATION GUIDE 03-31-2010 Installation Manual


Data Collection: Novell Sentinel Log Manager collects data with the help of connectors. These
connectors obtain data from device logs, and collectors parse device log data into a standardized
format.
Data Storage: The data flows from data collection components to data storage components. These
components use a file-based data storage and indexing system to keep device log data and a
PostgreSQL database to keep Novell Sentinel Log Manager configuration data. The search and
reporting components access and find the requested event log data in the file-based data storage and
indexing system. The data storage components also delete data from the storage location when the
data retention time limit is exceeded or when the available space falls below a specified disk space value.
Searching and Reporting: The searching and reporting components search the data in both the
online and archive storage locations.
User Interface: User interface functionality is provided by a Web server and a Java Web Start based
graphical user interface (GUI). All user interfaces communicate with the server by using an
encrypted connection.
Collector Manager: Optionally, you can remotely install a collector manager from the Sentinel Log
Manager server at a suitable location in your network. The collector manager provides a flexible
data collection point. The remote collector manager runs the connectors and collectors and forwards the
output of the collectors to Novell Sentinel Log Manager for storage and further processing.
For information about installing collector managers, see "Installing Additional Collector Managers" on page 33.

1.4 Terminologies

This section describes the terminologies used in this document.
Collectors: Collectors parse the data and deliver a richer event stream by injecting taxonomy,
exploit detection, and business relevance into the data stream before events are correlated, analyzed,
and sent to the database.
Connectors: The Connectors use industry standard methods to connect to the data source to get raw
data.
Data Retention: The data retention policy defines the duration for which events are retained before
they are deleted from the Sentinel Log Manager server.
Event Source Management: The Event Source Management (ESM) interface allows you to
manage and monitor connections between Sentinel™ and its event sources by using Sentinel
Connectors and Sentinel Collectors.
Events Per Second: Events per second (EPS) is a value that measures how fast a network generates
data from its security devices and applications. It is also the rate at which Sentinel Log Manager can
collect and store data from the security devices.
Integrator: Integrators are plug-ins that allow Sentinel systems to connect to other external
systems. JavaScript actions can use Integrators to interact with other systems.