Configuring Connectors (Server)
- + Add New Connector
- bulk start all connectors (see bulk start parameters below)
- bulk stop all connectors
- delete the connector (user must be logged into the connector group to delete)
- exit the connector group.
Add ConnectorTo add a new connector, select “+Add New Connector” button and a list of available connectors is presented. Connector options are: Cloud Providers, Configuration Managers, Direct Devices and Volume Shares Upon selecting the Connector type to add, the user is requested to fill in connection information. Connector information varies by vendor. The connector configuration for a Palo Alto device is as follows: The user must enter a Connector name (no spaces), host name, and credentials. The user can then verify the credentials are correct with the “Test credentials” button. The user can setup the polling cycle and provide the workspaces to deliver the resultant information. Polling Cycles are:
- On demand
Configuration Management SystemsFor Configuration Management Systems and file Shares, additional information may be required. The user can retrieve a list of files from the device and filter the results. To include specific files, put them in the include list field. To exclude files, put them in the exclude list field. If both lists are used, include list filter will be applied first and the exclude list filter to the results of the include list filter. If the share is PGP encrypted, a PGP Public key will be required. Workspaces must be added to the connector for data to be transferred and displayed in the workspace. If workspaces are added after a connector is setup, data will not be sent to the workspace until the next scheduled import and a configuration change is identified. Creating workspaces before connectors facilitates faster visualization of data.
Connector TileOnce the connector is added, a tile is added to the connectors home page. Connector tiles are sorted by the characters in their names using standard Linux conventions:
- special char
- uppercase [A-Z]
- underscore (possibly other special chars)
- lowercase [a-z]
- manually activate the connector for a one time data pull
- run / pause the connector
- edit the connector
- copy the connector
- delete the connector.
- red – connector failed
- blue – connector scheduled to run
- gray – connector paused
The Connector for Forescout 8.1 and later enables integration between CounterACT and NP-View such that network device configuration files managed by CounterACT can be automatically imported into NP-View and aggregated into specific workspaces. Currently, Cisco switches are supported through the Forescout Switch Plugin.
- Download the Forescout Extended Module for NP-Vie from https://updates.forescout.com.
- Start your Forescout Console and login into Enterprise Manager.
- Then open “Options”, select “Modules”, and install the fpi.
To request additional support for this connector or to request support for other devices, please contact firstname.lastname@example.org.
When connecting a connector to a Windows Server using SMB, an error message may occur.
This error can be caused by two communication scenarios between Linux and Window. Either SMB encryption is enabled on the Server or SPN target name validation level is enabled (or both). To check which of these features is causing the issue, Run PowerShell on the Windows Server as administrator and run the following command:
If EncryptData = True, it can be disabled using:
Set-SmbServerConfiguration -EncryptData 0
If SmbServerNameHardeningLevel is set to any value other than the default of 0 run:
Set-SmbServerConfiguration -SmbServerNameHardeningLevel 0
to restore the default.
In some instances, the Linux distribution is preventing the connectors (Docker) from initiating connections to outside devices. The solution is to update the firewall settings on the Linux distribution using the following commands:
# firewall-cmd --zone=public --add-masquerade --permanent # firewall-cmd --reload # systemctl restart docker
The NP-View Connector for Cisco uses a read-only SSH connection to collect the output of the
show running-config command. It is best practice to create a dedicated read-only user on your Cisco devices when configuring connectors. Here are the commands to only give the minimum permissions needed for this user:
conf t aaa authorization command LOCAL privilege show level 2 mode exec command running-config privilege cmd level 2 mode exec command terminal username $USERNAME password $PASSWORD priv 2 end
To help balance the processing load of managing multiple connectors and improve user experience on the topology map, the bulk start function can be scheduled to off hours using system parameters. The docker-compose.yml file contains two parameters for the bulk system start function in the
monitor: environment: section
connBulkStartTime=21:00:00# defines the start time for the connectors, format is Hours:Minutes:Seconds, 24 hour clock.
connBulkStartSpread=00:15:00# defines the connector start stagger, format is Hours:Minutes:Seconds
Connectors can be deleted by entering the connector group name and passphrase to gain access to the connector. The connector can be deleted by selecting the trash can in the upper right corner.
If the passphrase is forgotten, the connector can be forcefully deleted by the Linux Admin by removing the connector file from the folder