NetIQ eDirectory

Version: NetIQ eDirectory (Previously known as Novell eDirectory) v8.8 SP7 or later.

eDirectory is a highly scalable, high-performing, secure directory service. It can store and manage millions of objects, such as users, applications, network devices, and data. Novell eDirectory offers a secure identity management solution that runs across multiple platforms, is internet-scalable, and extensible.

Netsurion Open XDR that seamlessly combines SIEM, Log Management, File Integrity Monitoring, machine Analytics and so forth. It is designed to address an ever-changing landscape of threats and challenges, with a full suite of high-performance tools for security, compliance, and operations. Netsurion Open XDR delivers comprehensive, useful and actionable insight into what is really going on in and around an enterprise IT environment.

Netsurion Data Source Integration for eDirectory allows you to monitor following:-

  • Account Management events.
  • Authentication events.
  • Role Management events.
  • Service or application events.
  • System Events.
  • Data Item or Resource Element events.

After the eDirectory is configured to deliver events to the Netsurion Open XDR, the dashboards and reports can be configured into Netsurion Open XDR.

The following are the key Data Source Integration available in Netsurion Open XDR.

Alerts

Type Name Description
Security eDirectory – Account created This alert is generated when an account is created.
Security eDirectory – Authentication failed This alert is generated when a user authentication failed.
Security eDirectory – Role created This alert is generated when create a new role, or an attempt is made to create a new role.
Security eDirectory – Role deleted This alert is generated when an existing role is deleted, or an attempt is made to delete an existing role.
Security eDirectory – Service disabled This alert is generated when a service, operation or function is disabled..
Security eDirectory – System shutdown This alert is generated when a service, operation or function is enabled.

Reports

Type Name Description
Security eDirectory – Account created This category based report provides information about created accounts.
Security eDirectory – Account deleted This category based report provides information about deleted accounts.
Security eDirectory – Account disabled This category based report provides information about disabled accounts.
Security eDirectory – Access token created This category based report provides information about created access tokens.
Security eDirectory – Authentication failed This category based report provides information about user authentication failures.
Security eDirectory – Session authenticated This category based report provides information about user authenticated sessions.
Security eDirectory – Peer association created This category based report provides information about to new peer association creations.
Security eDirectory – Peer association destroyed This category based report provides information when a existing peer association is destroyed.
Security eDirectory – Role created This category based report provides information related to create a new role, or an attempt is made to create a new role.
Security eDirectory – Role deleted This category based report provides information when an existing role is deleted, or an attempt is made to delete an existing role.
Security eDirectory – Service terminated This category based report provides information about terminated services.

Documentation

The configuration details are consistent with Netsurion Open XDR 7.x or later, and NetIQ eDirectory v8.8 SP7 or later.

Download Integration Guide for configuration instructions and more information.