Environment
Change Guardian 4.2
Change Guardian 5.0
Change Guardian 5.1
Change Guardian 5.0
Change Guardian 5.1
Situation
How can I report on Change Guardian through Sentinel?
Does Sentinel communicate with Change Guardian?
How can events be forwarded from CG to my Sentinel server?
Resolution
To send events to sentinel please follow the instructions below.
1:) Login to the Change Guardian Policy Editor.
2.) Select Settings\Event Destination.
3.) An event destination configuration window will pop up. Select the Add button at the bottom left of the screen.
4.) Provide the following information to configure the new event destination.
Name: A name that represents the event destination.
Model: Select Syslog Dispatcher to send processed events directly from the CG Server to the Sentinel Server.
Description: Provide a description of the event destination configuration.
Host: The DNS recognized name of the Sentinel Server .
Port: The default port is 6514 and should not be changed without first discussing with Technical Support or the event routing will fail.
Type: TCP is default but UDP can also be selected.
Connection Usage: In the blank area use the pull down menu to select the event filter that will select which events to send to Sentinel. If the default filters are not sufficient custom filters can be specified. This area must have a filter specified or no events will be sent.
5.) Once information is provided then select the Okay button to accept the changes and the new event destination will display.
6.) Events should begin to be sent to the Sentinel server once configuration is complete.
| A Visible |
Cause
When an environment also has Sentinel in use along with Change Guardian it can be more efficient to centralize all the events to the Sentinel Server for reporting.