eDirectory

Applies To: NetIQ eDirectory (Previously known as Novell eDirectory) v8.8 SP7 or later.

Overview

eDirectory is a highly scalable, high-performing, secure directory service. It can store and manage millions of objects, such as users, applications, network devices, and data. Novell eDirectory offers a secure identity management solution that runs across multiple platforms, is internet-scalable, and extensible.

EventTracker is an enterprise-class platform that seamlessly combines SIEM, Log Management, File Integrity Monitoring, machine Analytics and so forth. It is designed to address an ever-changing landscape of threats and challenges, with a full suite of high-performance tools for security, compliance, and operations. EventTracker delivers comprehensive, useful and actionable insight into what is really going on in and around an enterprise IT environment.

EventTracker Knowledge Pack for eDirectory allows you to monitor following:-

• Account Management events.
• Authentication events.
• Role Management events.
• Service or application events.
• System Events.
• Data Item or Resource Element events.

Previous Next

Once events are successfully received by eventTracker,alerts and reports can be configured based on your requirements.

Some of the Knowledge packs are listed below.You can go through the integration guide for more references.:

Categories and Reports:-

• eDirectory: Account created - This category based report provides information about created accounts.
• eDirectory: Account deleted - This category based report provides information about deleted accounts.
• eDirectory: Account disabled - This category based report provides information about disabled accounts.
• eDirectory: Access token created - This category based report provides information about created access tokens.
• eDirectory: Authentication failed - This category based report provides information about user authentication failures.
• eDirectory: Session authenticated - This category based report provides information about user authenticated sessions.
• eDirectory: Peer association created - This category based report provides information about to new peer association creations.
• eDirectory: Peer association destroyed - This category based report provides information when a existing peer association is destroyed.
• eDirectory: Role created - This category based report provides information related to create a new role, or an attempt is made to create a new role.
• eDirectory: Role deleted - This category based report provides information when an existing role is deleted, or an attempt is made to delete an existing role.
• eDirectory: Service terminated - This category based report provides information about terminated services.

Alerts:-

• eDirectory: Account created - This alert is generated when an account is created.
• eDirectory: Authentication failed - This alert is generated when a user authentication failed.
• eDirectory: Role created - This alert is generated when create a new role, or an attempt is made to create a new role.
• eDirectory: Role deleted - This alert is generated when an existing role is deleted, or an attempt is made to delete an existing role.
• eDirectory: Service disabled - This alert is generated when a service, operation or function is disabled..
• eDirectory: System shutdown - This alert is generated when a service, operation or function is enabled.

Scope

The information in this guide is consistent with EventTracker Enterprise version 7.X and later, and NetIQ eDirectory (Previously known as Novell eDirectory) v8.8 SP7 or later.

Documentation:

For more information please refer the Integration guide