Install Arbitrator System

Install Arbitrator System

Policy Configuration Files

Polices are a modular groupings of correlation rules, actions, and response procedures that define how to respond to certain situations that happen on the monitored systems. Policies are usually system and manufacturer specific but can contain custom scripts for actions and response procedures. Each policy will also contain several correlation rules that are designed to create Alerts based on the best practices of that particular system manufacturer.

The configuration files in this table are installed at the end of the installation process. The table describes the purpose of the components:

Component

Purpose

Filename

Controls

Controls are actions that the system can automate, user actions to support data collection, analysis before presenting to an operational user as an alert to help reduce user input and provide information and actions faster.

  • Turn an alarm a different color

  • Push alert to another system such as dashboard server or a correlation server

  • Auto acknowledge alarms

  • Email the alert to a destination

  • Create a ticket with ServiceNow

  • Pre scripted action based on a response

Other options that can be developed:

  • Using API send the data to another destination

  • Interact with another system

  • Run a script to collect additional information

  • Run a script with actions to change state or configuration

STDCONTROLS.lxcfg

Probes

A script to poll a system to collect data from a remote system. This is important if the data required can’t be streamed from a system to the Arbitrator to be consumed, the Arbitrator and collect data remotely by periodic probing of the system. Examples of probes that collect

  • AXL

  • API

  • CLI

StandardDeploymentProbes.lxcfg

PROBES.lxcfg

Response procedures

Contains group of controls that are assigned to the policies.

Policies

A set of rules for the data that is turned into an alert. It enables an alert to be generated and defines the alarm ID and the content of the alarm that gets presented to a user.

SiteStats_08122020.lxcfg POLICIESUCCE221020.lxcfg POLICIESCUCM221020.lxcfg POLICIESCUCIMP221020.lxcfg PINGMON.lxcfg

Installation Steps

  1. Log in to the Arbitrator: admin/admin

  2. Click the Wrench icon.

    7fc67e0f816ffdee

  1. Click on the icon shown below

    f0301700a05246d3

  2. Click Import,

    1c7f03e7e4f4141c

  3. Click Choose file, then select your file and click OK.

    62103d6777f092cd

  4. Ensure the name of the file you selected displays adjacent to Choose file, then click Upload.

  5. Once the file has uploaded click Import.

  6. Repeat this procedure for the following:

    • Controls

    • Probes

    • Response Procedures

    • Policies

    See: Policy Configuration Files