Installing Content from Solution Packs

To use the content of a Solution Pack in the Sentinel Control Center, you must install the Solution Pack or selected Controls in a Sentinel System (also known as the "target" Sentinel system).

When you install either a Solution Pack or an individual Control, all of the child nodes are installed.

To install the contents of a Solution Pack:

  1. Go to Admin Tab > Solution Packs.

  2. Double-click a Solution Pack to open Solution Manager. Alternatively you can click Open with Solution Manager icon. The Solution Manager window displays.

  3. Select a Solution Pack or a Control which you want to install. Click Install. Alternatively, right-click on a Solution Pack or Control and select Install. The Install Control Wizard displays. If you select a Solution Pack, all the controls in that Solution Pack displays. If you select a individual Control then that control is displayed in the Install Control Wizard window.

image\ebx_-1925183973.gif

  1. Click Next. If Correlation Rules or Reports are included in the Solution Pack, you may need to proceed through several additional screens until you reach the Install Content window.

image\ebx_-1725444119.gif

Click Install.

  1. After installation the Finish button displays.

Click Finish.

If the installation fails for any content item in the Control, the Solution Manager rolls back all the contents in that control to uninstalled.

There are special considerations for installing certain types of content, including Correlation Rules and Reports; these issues are described below.

Correlation Rules are deployed to a specific correlation engine. During the Control installation, the following screen shows the correlation engines in the target Sentinel system and the rules that are already running on those engines. Based on the number and complexity of the rules running on the engines, you can decide which correlation engine to which you will deploy the Correlation Rule.

Correlation rules will deploy in an Enabled or Disabled state, depending on their status in the source Sentinel system when the Solution Pack was created.

If an Execute Script Correlation Action is associated with the Correlation Rule, the Solution Manager attempts to install the associated JavaScript code on all correlation engines. If any of the correlation engines is unavailable, a message displays.

image\ebx_1919510359.gif

You can cancel the Control's installation and fix the problem or continue installation on only the available correlation engine(s).

image\ebx_-2031841433.gif

NOTE: The Execute Script Correlation Action cannot run on a particular correlation engine if the installation of the JavaScript code fails for that correlation engine. The .js file can be manually copied to the proper directory on the correlation engine. In a default installation, the proper directory is $ESEC_HOME/config/exec or %ESEC_HOME\config\exec.

If an Execute Command Correlation Action is associated with the Correlation Rule, the Solution Manager installs the command and its arguments, but the script, batch file, or utility must be manually configured on the correlation engine(s). This may require installing the utility, configuring permissions, or manually copying a script or batch file to the proper directory on the correlation engine(s).

NOTE: In a default installation, the proper directory for the script or batch file is $ESEC_HOME/config/exec or %ESEC_HOME\config\exec.

There are two options for publishing Crystal reports. They can be installed to a local directory and then installed using the Crystal Publishing Wizard, or with additional configuration, they can be published directly from the Solution Manager to the Crystal Server.

NOTE: Crystal reports must be deleted in the same manner they were added. It is strongly recommended that the Notes tab of the Documentation frame be edited to indicate whether the reports are added using the local method or the Crystal Server method.

To install to a local directory on the Sentinel Control Center machine, select Install to Local Directory on the screen below and then browse to the directory. Then the user must publish the reports to a SentinelReports folder using the Crystal Publishing Wizard. For more information, see Crystal Reports for Windows and Crystal Reports for Linux in Sentinel Installation Guide

image\ebx_-697548282.gif

To publish the reports directly to the Crystal Report Server, select Publish to Crystal Server and enter the Crystal Server Name, Username and Password. (In a default installation, the Username is "Administrator" and Password is blank.) When you publish directly to the Crystal Server, all reports are installed in the SentinelReports folder so they will be visible from the Analysis tab of the Sentinel Control Center. Any folder hierarchy below SentinelReports is also preserved.

NOTE: The direct publishing method is only possible if you configure the web server as described below.

image\ebx_-1709752484.gif

To configure direct report publishing for Microsoft IIS:

  1. Create a Sentinel subdirectory in the Crystal installation directory. By default, Crystal is installed in the following directory:

Business Objects\BusinessObjects Enterprise 11.5\Web Content\Enterprise115\WebTools\

  1. Go to reports_patch\IIS in the service pack top level directory and copy the publish_report.aspx and delete_report.aspx files to the Sentinel subdirectory in the Crystal installation directory.

  2. Open the web.config file in the Crystal install directory for editing.

  3. Add two new entries to the <assemblies> section of the web.config file for Enterprise.PluginManager and Enterprise.Desktop.Report. The following example shows a sample <assemblies> section:

<assemblies>

<add assembly="CrystalDecisions.CrystalReports.Engine, Version=11.5.3300.0, Culture=neutral, PublicKeyToken=123abcd1234a1234" />

<add assembly="CrystalDecisions.ReportSource, Version=11.5.3300.0, Culture=neutral, PublicKeyToken=123abcd1234a1234" />

<add assembly="CrystalDecisions.Shared, Version=11.5.3300.0, Culture=neutral, PublicKeyToken=123abcd1234a1234" />

<add assembly="CrystalDecisions.Web, Version=11.5.3300.0, Culture=neutral, PublicKeyToken=123abcd1234a1234" />

<add assembly="CrystalDecisions.Enterprise, Version=11.5.3300.0, Culture=neutral, PublicKeyToken=123abcd1234a1234" />

<add assembly="CrystalDecisions.Enterprise.Framework, Version=11.5.3300.0, Culture=neutral, PublicKeyToken=123abcd1234a1234" />

<add assembly="CrystalDecisions.Enterprise.InfoStore, Version=11.5.3300.0, Culture=neutral, PublicKeyToken=123abcd1234a1234" />

<add assembly="CrystalDecisions.Enterprise.Shared, Version=11.5.3300.0, Culture=neutral, PublicKeyToken=123abcd1234a1234" />

<add assembly="CrystalDecisions.Enterprise.PluginManager, Version=11.5.3300.0, Culture=neutral, PublicKeyToken=123abcd1234a1234" />

<add assembly="CrystalDecisions.Enterprise.Desktop.Report, Version=11.5.3300.0, Culture=neutral, PublicKeyToken=123abcd1234a1234" />

</assemblies>

IMPORTANT: The new entries should use the same Version, Culture, and PublicKeyToken values as the other entries in your file.

Only fully defined Controls can be installed. For Controls that contain placeholders, the Install option is disabled:

image\ebx_2140646109.gif

The following warning displays in the description frame:

image\ebx_-12994219.gif

If two separate Controls contain identical content and one Control is deployed successfully, the status of the duplicate content in the other Control is changed to Installed. The remaining child nodes in the second Control stay uninstalled.

Each content item is only installed once. If the same content item (for example, an iTRAC workflow or a correlation rule) is included in more than one Control, it is only installed once. Therefore, if you install one of those Controls, the content appears with an installed status in the other Control. In this scenario, the Solution Manager may show that the content for the second Control is only partially installed. See Control 1.4.2 in the example below:

image\ebx_-513937804.gif

If the Solution Manager detects content with the same name but a different unique identifier in the target Sentinel system, the Solution Manager installs the content with a unique ID appended to the name. For example, the rule from the Solution Pack might be named Unauthorized Firewall Change (1). The existing rule in the Sentinel system is unchanged.

NOTE: To prevent confusion for end users, Novell recommends that one of these rules be renamed.