Table of Contents
Advertisement
B.2 Collector Manager
Collector Manager
Table B-2
Sentinel
Component
Collector
Manager
126 Sentinel 6.1 Rapid Deployment Reference Guide
Sentinel
Sentinel
Service
Process
Sentinel
java
agentengine
(child process)
Function
Permissions required
summary
Manages
Network access (both
Connectors
outgoing access and
and Collectors.
local access to bind to
It spawns off an
ports greater than
agentengine
1024)
process for
File read access to:
each Collector
it manages.
<Install_Directo
Collector
ry>/config
Manager also
<Install_Directo
publishes
ry>/lib
system status
messages,
<Install_Directo
performs global
ry>/jre
filtering of
events, and
File write access to:
performs
<Install_Directo
referential
ry>/data
mappings. The
agentengine
<Install_Directo
process runs as
ry>/log
an interpreter
for Collector
NOTE: Additionally,
scripts, which
will need access to
normalize
other resources
unprocessed
depending which
(raw) events
Connectors it is
from security
configured to run and
devices and
which Event Sources it
systems
connecting to. Please
producing
refer to the individual
event,
Connector
vulnerability,
documentation for any
and asset data
additional permission
that Sentinel
requirements.
can analyze
and store in its
database.
Permission
Explanation
It
communicates
with ActiveMQ
for
configuration,
event
processing,
and mapping
data.
It reads local
configuration
files and uses
the java
executable.
It writes log
files as well as
caches data in
the local file
system.
Advertisement
Table of Contents
