×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')
BMC Helix Cloud Security Administering

Managing connectors

You must be able to manage the connectors configured in your environment so that you can manually start or stop the data collection process or re-download a connector for various reasons.

In BMC Helix Cloud Security, click Configure icon > Connectors in the navigation bar to view the Manage Connectors page. This page displays a list of connectors that are configured for collecting resource data. For each connector, you can perform the following tasks:

Note

Options available from the connector panel are only enabled for Admin users and not View Only users.

To access the latest information about this topic and all Cloud Security releases, check out the Release notes and notices.

Adding a connector

From the Manage Connectors page, click Add a Connector to begin the onboarding process.

For more information about completing the onboarding process for a connector after it is added, see Onboarding.

Reviewing the status of a connector

On the Manage Connectors page you can view the following information about each connector:

  • Fully qualified domain name (FQDN)
  • Date and time of the download
  • Time since the connector has been in the Suspended state
  • Errors, if applicable

Active or enabled connectors can be in one of the following states:

  • Running: The connector receives a heartbeat from the data source, and therefore the data collection process is active. The connector can now collect specific resource information.
  • Downloaded: The connector has just been downloaded and will possibly go into the Running state once the data collection process starts. Once the connector is in the Running state, it cannot be re-downloaded.
  • Suspended: The connector does not receive a heartbeat or any data from its scheduled polling interval (or at all) from the data source and therefore enters the temporarily suspended the data collection process
  • Disabled: The user manually disables or deactivates the data collection and publishing of the resource from the data source.

If an error occurred during onboarding, an error icon appears next to the displayed state of the connector. Click the icon to display the cause of the error and the recommended action to correct it.

Enabling, disabling, or downloading (re-downloading) a connector

The following table lists the enabling, disabling, and dowloading actions that you can perform on a connector after it is has been added.

Icon or Menu ItemDescription

Choose Enable from the connector panel menu to enable a connector so that it can receive resource information from its source.

The connector displays in the Enabled state.

 

Choose Disable from the connector panel menu to disable a connector so that it can no longer receive resource information from its source.

The connector displays in the Disabled state.

(For on-premise connectors only) Choose Download from the connector panel menu to download or re-download the connector. You might want to re-download a connector in the following situations:
  • A previous download of connector failed.
  • A previously downloaded connector is in the Suspended state.
  • A previously downloaded connector is in the Downloaded state.

Note

You cannot download a connector that is in the Running state.

After re-downloading a connector, the original connector can no longer be used.

Deleting a connector

You might want to reduce connector sprawl on your Manage Connectors page, especially for the purpose of eliminating unused connectors.

You can delete a connector that is in any of the following states:

  • Disabled
  • Suspended
  • Downloaded

If the connector is in the Running state, click Disable to disable the connector before deleting it.

  1. From the Manage Connectors screen, select the menu of the connector you want to delete and choose Delete.
      

  2. On the Delete Confirmation page that is displayed, click OK.
    The connector is deleted and removed from the Manage Connectors page.

Note

Data associated with the connector is not deleted. Any policies associated with the deleted connector are unaffected. Deleting a policy deletes the data associated with one or more connectors (this deletes all data associated with that policy, which might be coming from multiple connectors).

Editing a connector

The editing option enables you to change configuration parameters you set during the connector onboarding process.

Note

You can only edit a connector that is in the Downloaded or Disabled states.

  1. From the Manage Connectors screen select the menu of the connector you want to edit and choose Edit

  2. On the Edit Connector Configuration page that displays, change the parameters as required and click Save Configuration.

A success message displays indicating that the configuration changes have been saved.
The connector properties are modified with the environment-specific connector values you provided.
The configuration persists only for this connector and applies to all subsequent runs unless the connector is edited again.

Running on-demand compliance scans

You can run a compliance scan by directly from the downloaded connector. This can be useful for existing connectors that have long intervals between scans based on a set schedule, and you decide that you want to perform an ad-hoc scan. In this case you can trigger the collection cycle to happen right away instead of or in addition to setting a scheduled scan in the future.

When onboarding the connector, the mode is set to run a scan On Demand by default. Both collection modes enable you to run on-demand scans. You can run an on-demand scan on a connector in the Running state (by clicking the Evaluate Now button on the connector panel) or by enabling a connector in the Disabled state that is already set to run the collection cycle on a schedule.

To run an on-demand scan on a connector in the Running state:
  1. Choose Configure icon > Connectors.

  2. On the Manage Connectors screen, locate the connector on which you want to run compliance and click Evaluate Now.
    The next scheduled run displays as NA on the connector panel.


    A message displays indicating that your request has been submitted and the resources are being evaluated.
    If you already submitted an evaluation request, an error message displays indicating that the connector is already running the original request.

Optionally, for a connector that is disabled and was previously set to run on a schedule, you can enable the connector and the Evaluate Now option displays.

The next scheduled run displays on the connector panel according to the schedule that was previously set.

Updating a connector

Cloud Security now enables you to update a connector to a newer version if one is available. This helps avoid conflicts with compatibility with newer versions of policies with existing connectors. If you have an older connector in a Tenant and try to onboard a newer version of the connector, the connector might not be compatible with the policies currently mapped to it.

If a newer version is available for the connector you have onboarded, an information banner displays on the bottom pane of the connector panel on the Manage Connectors page, as shown in the following illustration:

To update the connector:

Note

Instructions that are displayed in the Connector Update dialog might vary depending on the current state of the connector on the Manage Connectors page. For example, a connector that is already running will have instructions to disable the connector before proceeding with the update. A connector that is already disabled will have instructions to start by stopping that connector.

  1. If the connector is not already disabled, choose Disable from the connector menu to disable a connector so that it can no longer receive resource information from its source.

  2. Log into the host of the connector and stop the connector service.

    At a Command Prompt, at the same location as the install.bat file, type the following command:

    install.bat stop

  3. Return to the Manage Connectors screen and choose Download from the menu to download the updated connector.
    The latest version of the connector that is available in Cloud Security is downloaded.

  4. After the new connector is downloaded, on the Manage Connectors screen, choose Enable from the connector panel menu.
  5. On the new host, onboard the new connector.

  6. On the new host, start the connector.

    At a Command Prompt, at the same location as the install.bat file, type the following command:

    install.bat start

    The updated connector can now receive resource information from its source.

Related topics

Onboarding

Creating a custom connector and policy


Was this page helpful? Yes No Submitting... Thank you
Last modified by Shubhangi Mahajan on Apr 08, 2020

Comments

Log in or register to comment.

Using a Java-based connector to create a custom connector
Managing policies
© Copyright 2017-2023 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.