In some environments there may be many routing rules configured in Sentinel to do things like forward events via Sentinel Link, tag events, or forward to another syslog host. If you have multiple Sentinel servers in the enterprise, you may need to set up the same rules on each server... a manual process is tedious and error-prone. It would be nice if there was a way to export/import selected routing rules in the web UI or in the Solution Designer.

Comments

  • The REST API allows you to automate such settings in an enterprise with multiple servers: https://sentinel:8443/SentinelRESTServices/apidoc/en/api-ref/Events/event-routing-rule-list.html

  • Eric, is what Norbert is referring to adequate for automating these tasks?

  • Solution Designer would be preferred for me as well. One tool to copy all custom content out of SIEM. I have a client that has a master SIEM that needs to replicate content to other SIEMs easily.