This topic provides instructions on enabling security for the Collection Station, covering the Payload Service and the Configuration Channel.

Note

If you want to secure the Collection Station scaled out on separate remote nodes, then after installing the Collection Station on each of the remote nodes, ensure that you copy the KeyStore that you generated on the server with the first Collection Station instance in your environment.

Before you begin

  • Ensure that you have generated a KeyStore and a TrustStore (in the JKS format). For more information, see Generating a KeyStore and TrustStore.
  • Ensure that you have generated a self-signed certificate.

To enable security for the Payload Service

  1. Configure the Collection Agent and the Collection Station, as follows:
    • Collection Agent:
      1. Navigate to the following directory, as appropriate:
        • Windows: %PATROL_HOME%\bww\udc\conf
        • Linux: $PATROL_HOME/bww/udc/conf
      2. Perform the following actions:
        • Copy the server.jks file obtained while generating the TrustStore.
        • Locate the flume.conf file, open it in a text editor, and set the directory path to the TrustStore that you generated earlier by adding the following lines:

          a1.sinks.k1.ssl = true
          a1.sinks.k1.truststore = <TrustStoreLocationPath>
          a1.sinks.k1.truststore-password = <TrustStorePassword>
          a1.sinks.k1.truststore-type = JKS

          where,

          <TrustStoreLocationPath> refers to the absolute path of the TrustStore location. On Windows, this path must be specified in the UNIX-style syntax (with forward slashes). For example, %PATROL_HOME%\bww\udc\conf.

          <TrustStorePassword> refers to the password that you provided while generating the TrustStore.

      3. Save your changes.

    • Collection Station:
      1. Navigate to the following directory, as appropriate:
        • Windows: %BMC_ITDA_HOME%\station\collection\custom\conf
        • Linux: $BMC_ITDA_HOME/station/collection/custom/conf/
      2. Locate the flume.conf file and open it in a text editor.
      3. Set the directory path to the KeyStore that you generated earlier by adding the following lines:

        a1.sources.r1.ssl=true
        a1.sources.r1.keystore=<KeyStoreLocationPath>
        a1.sources.r1.keystore-password=<KeyStorePassword>
        a1.sources.r1.keystore-type=JKS

        where,

        <KeyStoreLocationPath> refers to the absolute path of the KeyStore location. On Windows, this path must be specified in the UNIX-style syntax (with forward slashes). For example, C:/Program Files/BMC Software/TrueSight/ITDA.

        <KeyStorePassword> refers to the password that you provided while generating the KeyStore.

      4. Save your changes.
  2. Restart the Collection Agent and the Collection Station. For more information, see Starting or stopping product services.

To enable security for the Configuration Channel

  1. Configure the Collection Agent and the Collection Station, as follows:
    • Collection Agent:
      1. Navigate to the following directory, as appropriate:
        • Windows: %PATROL_HOME%\bww\udc\conf
        • Linux: $PATROL_HOME/bww/udc/conf
      2. Locate the agent.properties file and open it in a text editor.
      3. Add the following property: stationprotocol=https

      4. Save your changes.

    • Collection Station:
      1. Navigate to the following directory, as appropriate:
        • Windows: %BMC_ITDA_HOME%\station\collection\custom\conf\
        • Linux: $BMC_ITDA_HOME/station/collection/custom/conf/
      2. Locate the agent.properties file and open it in a text editor.
      3. Add the following properties:
        • stationprotocol=https
        • keystoreFilePath=<KeyStoreLocationPath>
        • keystoreFilePassword=<KeyStorePassword>
        In the preceding properties, the following values apply:
        • <KeyStoreLocationPath> refers to the directory path where the KeyStore is located. On Windows, this path must be specified in the UNIX-style syntax (with forward slashes) and with a forward slash at the beginning of the path.
        • <KeyStorePassword> refers to the KeyStore password that you provided while generating the KeyStore.
      4. Save your changes.

  2. Restart the Collection Agent and the Collection Station. For more information, see Starting or stopping product services.
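
A pre-restart check for the four files edited in the two procedures above, as an added example (not BMC code): it confirms that each documented property is present with the documented value, that placeholders were replaced, and that paths follow the forward-slash rules. The role names, function names, and sample file content are assumptions made for this example.

```python
import re

# Settings the procedures above add to each file; None = any non-empty value.
# The role names (agent_flume, ...) are labels made up for this example.
REQUIRED = {
    "agent_flume": {"a1.sinks.k1.ssl": "true", "a1.sinks.k1.truststore": None,
                    "a1.sinks.k1.truststore-password": None,
                    "a1.sinks.k1.truststore-type": "JKS"},
    "station_flume": {"a1.sources.r1.ssl": "true", "a1.sources.r1.keystore": None,
                      "a1.sources.r1.keystore-password": None,
                      "a1.sources.r1.keystore-type": "JKS"},
    "agent_props": {"stationprotocol": "https"},
    "station_props": {"stationprotocol": "https", "keystoreFilePath": None,
                      "keystoreFilePassword": None},
}
PATH_KEYS = ("truststore", "keystore", "keystoreFilePath")

def parse_properties(text):
    """Parse key=value lines, skipping blanks and # or ! comments."""
    props = {}
    for line in map(str.strip, text.splitlines()):
        if line and line[0] not in "#!" and "=" in line:
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props

def audit(role, text):
    """Return findings for one file. Values are never echoed, so passwords stay out of logs."""
    props, findings = parse_properties(text), []
    for key, expected in REQUIRED[role].items():
        value = props.get(key, "")
        if not value:
            findings.append(f"{key}: missing")
        elif re.fullmatch(r"<[^>]*>", value):
            findings.append(f"{key}: placeholder not replaced")
        elif expected is not None and value != expected:
            findings.append(f"{key}: must be {expected}")
        elif key.split(".")[-1] in PATH_KEYS and "\\" in value:
            findings.append(f"{key}: use forward slashes")
        elif key == "keystoreFilePath" and re.match(r"[A-Za-z]:", value):
            findings.append(f"{key}: Windows path needs a leading forward slash")
    return findings

# Constructed sample: a Collection Station flume.conf with two mistakes.
SAMPLE_STATION_FLUME = """\
a1.sources.r1.ssl=true
a1.sources.r1.keystore=C:\\Program Files\\BMC Software\\TrueSight\\ITDA
a1.sources.r1.keystore-password=<KeyStorePassword>
a1.sources.r1.keystore-type = JKS
"""
```

Pass each file's contents to audit() with the matching role before restarting the services; an empty list means every documented setting is present and well formed.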