Part 1 covered connecting Novell IDM to Novell Sentinel. Part 2 covered adding our own custom events to Sentinel and getting the data to appear in Sentinel. In this portion, I will cover adding taxonomy information to the custom events.
Taxonomy is a way of allowing a generic query to gather all events of a specific type (IE User Password Change or User Creation) regardless of the source application. It is very useful data to include in our Sentinel events.
In the out of the box connector, there is a file called taxonomy.map. This file contains the taxonomy information. These events can be copied directly, the eventID is in hex format in this file, similar to the LSC file. For reference information on the taxonomy values, see http://www.novell.com/developer/sentinel_taxonomy.html
In order to add the newly modified taxonomy.map file into the collector, modify the custom.js file (see Part 2 for more information) to load this file. The new version of the taxonomy.map and custom.js files both need to be uploaded to the collector and the collector manager needs to be restarted again.
Once this is done, the new custom events should have taxonomy information in them. In Part 4, adding your own custom titles to the LSC files so the data shows up wherever you like it in the Sentinel event.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment