Versions Compared

Old Version 16

changes.mady.by.user Yuriy Ostrovskiy (Deactivated)

Saved on

compared with

New Version Current

changes.mady.by.user Ivan Babich

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Now it’s time for driver configuration

...

Scroll down to see all the settings.
For Elasticsearch Server you must define your server. The URL must contain protocol, domain name, and port. If a reverse proxy isn't used, OpenSearch will be here in the URL as well.
For User set a user which has access to OpenSearch, default is “osadmin”. Also set a password for this user.
Lastly set the KeyStore filepath and its password (the one copied in Step 2)

Once done, the settings should look like this

...

Click Next. The following window is okay on defaults so click Next again.

...

Setting

Description

Driver Name

Just driver name nothing more :)

Audit template

Enter the full path to your template.json (legacy)

Audit License File

Full path to the file containing Audit Driver Licence key on your IDM Server.

Leave blank if you use the Audit Driver along with the Audit Proxy and native OpenSearch.

Audit Index prefix

Alias of writeble audit index. Can be found in Web UI in Administration->Data Connectors->Event Service(<your connection name>)

Please don't change it if you don't know why you are doing it.

Count of retries to fatal error

If driver loose connection to Audit Server, it will try to resend the audit message for the specified amount of times and then will be shutted down.
"0" means no limit of retries

Scroll down to see all the settings.
For Opensearch Server you must define your server. The URL must contain protocol, domain name, and port. If a reverse proxy isn't used, OpenSearch will be here in the URL as well.
For User set a user which has access to OpenSearch, default is “osadmin”. Also set a password for this user.
Lastly set the KeyStore filepath and its password (the one copied in Step 2)

Once done, the settings should look like this

...

Setting

Description

ACDI Server and Opensearch endpoint

URL of your ACDi instance jncluding protocol, domain name, port and endpoint for OpenSearch

OpenSearch document type name

Type of document which will be set in requests

User

Credentials which will be user for authentication. This user must have entitlements to wright to OpenSearch

Password

KeyStore Type

Type of keystore used to hold certificate. PKCS12 and JKS available

KeyStore filepath

Full path to KeyStore

KeyStore passphrase

Password for KeyStore

Click Next. The following window is okay on defaults so click Next again.

...

Setting

Description

Save the Event XML document?

Save whole event xml document to view/use it in ACDI dashboards/reports

Connected System

Value for the parameter "Connected System" which will be attached to event object. If you change this parameter, the dashboard called "NetIQ Audit Dashboard" will not work and should be reconfigured.

Audit SYNC events

Defines if SYNC events will be processed or not

Cut “Old/New Value” to the number of symbols

Limits length of “New Value” and “Old Value” parameters of event object.

Strip attribute "modifiersName”?

"modifiersName" is a special attribute which allows to calculate correct modifier for this event. It should be added into Filter for all classes chosen for auditing. By default its changes aren't audited.
If you need to audit changes of this attribute, please set "false"

Modifier accuracy period (seconds)

If difference between Audit Time and Event Time bigger than specified amount of seconds, calculated Modifier will be marked as "approximate" instead of "calculated"

On Confirm Installation Tasks, click Finish.

...

See the deployment results and click OK.

...

Info

Please, set Driver security equivalencies equal to objects that have permission to read objects you want to monitor! In other cases, the driver will receive events only about himself!

Anchor
step7
step7

Appanvil karma designer
summary Step 7 Start the Driver
page{"name":"page","children":[{"id":"kgu7ez0ZR4iGYuNl5RPMP","params":{"background":{"light":"#486AAF","dark":"#1d2125"},"padding":0,"gap":10},"children":[{"id":"lc_gxkmUyn4VZdOKO1bxq","name":"row","children":[{"id":"B8S3dZ9H1rs8106ym0lWp","name":"column","children":[{"name":"text","params":{"templateId":"headline 2","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"Step 7 Start the Driver","letterSpacing":0,"fontWeight":700,"fontSize":42,"color":{"light":"#ffffff"}}],"align":"center"}]}]},"children":[],"id":"e6Uv6MfBEeYC3o03y_99H"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"rG8QUHBlr3ITcpd_zVPkX","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jNpVaMfv0lOf3jbCIdWs1","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"IA7LwcH2bIreABYiAe-xd","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"R8kdidyMrcBk8WPcmjil4","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"NdLrdb7AIqvs55vEOQu4I","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}}],"params":{"layout":[1],"gap":10,"minHeight":70,"padding":10,"borderRadius":0,"size":"full"}}],"name":"section"}],"id":"2O4cLz7m7_KBCA9jRZglT"}

...