Page Comparison

...

...

Configure policies

policies are a set of checks or parameters that are applied to Caches when they run.

...

This policy is applied to a NodeName discovery, this allows for allowing reports to be run on Nodes that have been removed from Yarngate (eg e.g. the interface) or if a node in a cluster is removed.

Defines the number of days before a Node is marked as Inactive , and when the Node is deleted. Below shows the Default

...

A custom policy can be added by Navigating to Administration > Caching > Policies > Create Policy.

Account age

...

A custom policy can be added by Navigating to Administration > Caching > Policies > Create Policy.

Audit Config

An Audit policy are is used with the Node Cache and System Audit Check report. Yarngate will collect via AXL/Soap the audit configuration settings and check these against the policy to validate

...

An Audit policy can be added by Navigating to Administration > Caching > Policies > Create Policy.

...

Configure Caches

Nodes

The Node Cache is used to speed speeds up reporting by not needing to continually poll the systems each time a report is run continually. The Node Cache is populated via entitlement group(s).

Policies are applied to the Node cache to check for Audit configuration settings , and age out deleted or unreachable Nodes as per the Policy.

A Schedule is recommended to be applied to keep the cache up-to-date , and to be run just before a maintenance windows end, window ends to allow the capture of any new nodes or removal.

...

Apply the Node, Audit Policy and Entitlement group(s) and press save

...

Once saved, navigate back to the new cache, and the Add a schedule Schedule button will be visible.

...

Add You can add the required details for the schedule with enable toggled at the bottom.

...

Navigate You can just navigate back to the cache to see the Schedule status of the Schedule.

...

To modify or disable the schedule, press modify, make the required changes and press save.

...

Subnet Groups

Subnet groups contain either Individual host hosts or Subnets, ; These are then linked to Subnet Group Lists.

...

Subnet Lists

Subnet List contain 1 contains one or more groups of Subnets, ; These are applied to robot accounts to validate that Robot accounts are being used from known hosts/systems.

...

...

Templates

Templates can be used to preform on going perform ongoing AdHoc reports with pre-filled details , or assigned to a Schedule to preform perform reoccurring reports.

Navigate to Administration > Reporting > Templates

Select the template type and populate the presets.

...

Select a Template followed by pressing and press Create Report From Template , to run an adhoc ad hoc report.

...

Schedules

Report templates are assigned to a Schedule to be run at regular intervals

• Hourly

• Daily

• Weekly

• Monthly

Reports are created based on a Schedule with the option to send Element counters to winprtg via an HTTP (s) Push.

Currently, the Metrics pushed to winprtg include

Robot Accounts

This report allows us to cross-check Robot accounts logging in from unknown IP addresses based on matching Defined subnets.

The report within the GUI will show logins from unknown (unmatched subnets) and the tally.

The xlsx contains all the Matched and Unmatched Subnets for the Robot accounts.

Due to the unstructured nature of the syslog messages, we need to exclude any activities from an enduser as well as some internal system actions; below are the default exclusions.

...

System Audit Check

This report uses the Node Cache to validate settings via AXL/Soap to confirm the Audit Policy complies with the expected values.

This is done on a NodeCache level

This will check the policy for

• audit enabled

• detailed audit enabled

• correct audit level (6, informational)

• being sent to one of the Syslog servers defined (the cucm audit config can only send to 1 syslog server)

the xlsx export contains all the configured details and the policy being tested against.