A vital part of creating a Solution Pack is adding content to the controls. Each control can have one or more types of content associated with it.
The same general procedure is used to add all types of Sentinel content to a Solution Pack. The Sentinel content options include the following:
Correlation Rule Deployments, including their deployment status (enabled or disabled) and associated Correlation Rules, Correlation Actions, and Dynamic Lists
Reports
iTRAC Workflows, including associated Roles
Event enrichment, including map definitions and event metatag configuration
Other associated files added when the Solution Pack is created, such as documentation, example report PDFs, or sample map files.
The general steps for Sentinel content are described below. The steps for reports, which are Crystal content, are slightly different. For more information, see "Crystal Reports".
To add Sentinel content to a control:
Log into Solution Designer in connected mode.
Open or create a Solution Pack.
Click the appropriate panel to display the available Reports from the Content Palette-Solution Pack, Category, Control, Control Group and Contents..
Select the specific Content Group you want to add.
Select the appropriate Control or placeholder and click Add Selected Content. Alternatively, drag and drop the selected Content Group to the appropriate Control or placeholder in the Solution Pack frame.
You can add a Crystal Report (.rpt file) from the SentinelReports folder on a Crystal Report Server or from a local file system. Adding a Crystal report is similar to adding other types of content, but it requires an extra step to log into the Crystal server.
Crystal reports must be deleted in the same way they were added. It is strongly recommended that the Description be edited to indicate whether the report was added to the local filesystem or to the Crystal Server.
To add a report from a Crystal Server:
Log into Solution Designer in connected mode or offline mode and open or create a Solution Pack.
Click Report panel in the Content Palette. The Report Panel will expand.
Click Connect. The Login to Crystal Server window displays. Enter the Server Name, User Name and Password in their respective fields.
NOTE: In a default Crystal installation, the User Name is "Administrator" and the password is blank.
Click Login
All the report folders will be available as a dropdown. Select the folder to view all corresponding reports.
Select a report, drag and drop the report in the Solution Pack frame. The report can now be exported using the Save option in the File menu.
NOTE: Only reports from the SentinelReports folder and its subfolders are available. The folder hierarchy is preserved when the reports are added to a target Sentinel system. (Reports must be in the SentinelReports folder to be viewed on the Analysis tab of the Sentinel Control Center.
To add a report from the local file system:
Log into Solution Designer (in connected or offline mode) on the machine where the .rpt files reside.
Open or create a Solution Pack.
Click Report panel in the C ontent Palette. The Report Panel will expand.
Select a control in the Content tree. Select a Local Report File in Content Palette and click Add Selected Content button on the top left corner.
The Add From Local Report File window displays. Browse to the location on your local drive where the report is located.
Select the file and click Open. The file description is displayed.
Click OK.
If the user is working in offline mode or is not ready to associate content with a control, an empty placeholder can be used instead.
To add a placeholder:
Click a button in the Content Palette to open the panel for the type of placeholder you want to add: Correlation, Event Enrichment, iTRAC workflow or Report.
Drag and drop the placeholder to the appropriate Control in the Solution Pack frame.
Rename if desired.
To replace a placeholder with content:
Click a button in the Content Palette to open the panel for the type of placeholder you want to replace: Correlation, Event Enrichment, iTRAC workflow or Report.
Drag and drop the appropriate Content Group from the Content Palette to the placeholder in the Solution Pack frame.
You can attach a file or files to any node in the hierarchy, and they will be included in the Solution Pack. These files can include anything useful for a user who must deploy the Solution Kit, such as a PDF view of a report, sample map data for event enrichment, or a script for an Execute Command Correlation Action. These files can be added, deleted, viewed, renamed, or saved to the local machine.
|
Add File |
Add an attachment to a node. The system prompts for another file if you attempt to add one that is already attached.
Select a node. Click Add a new attachment icon in the Attachments panel. Locate the file, enter a description, and save. |
|
View |
View an attachment.
Select a node and then select the attachment in the Attachment panel. Right-click and select View File. The file opens in the associated application. |
N/A |
Rename |
Rename an attachment.
Select a node and then select the attachment in the Attachment panel. Right-click and select Rename. Enter the new name and click OK. |
|
Delete |
Delete an attachment.
Select a node and then select the attachment in the Attachment panel. Right-click and select Delete. Click OK to delete. |
|
Save |
Save a copy of the attachment to the local system.
Select a node and then select the attachment in the Attachment panel. Right-click and select Save As. Select a file location and click Save. |