Before starting to use One Identity Safeguard for Privileged Sessions (SPS) with external indexers, consider the following:

• If there is a firewall between the host of the external indexer and SPS, enable connections from the external indexer to SPS.

  The default port is TCP/12345. To change the port number, you have to modify the indexer settings on SPS, and upload the new configuration to the external indexer(s).

• To protect the sensitive data in the audit trails, ensure that the audit trails are encrypted. For details on encrypting audit trails, see Encrypting audit trails.

• Make sure to permit indexer access only to the hosts that really run external indexers on the Basic Settings > Local Services > Indexer service page of the SPS web interface.

• NOTE: The current OCR engine cannot guarantee accurate character recognition for non-Latin characters smaller than 30 x 30 pixels. If you encounter problems with character recognition for non-Latin characters, increase resolution settings in your connection.

• The external indexer can be installed on the following 64-bit operating systems: Red Hat Enterprise Linux Server 7, 8, and their derivatives, such as CentOS, Oracle Linux, AlmaLinux, Rocky Linux, etc.

  NOTE: Derivatives are supported only if an issue can be reproduced on an official RHEL distribution. Do not report issues specific to a derivative OS but not to RHEL.

• Update your system:

  yum update

  Download the External Indexer bundle from the SPS box itself:

  curl https://<SPS-IP>/external-indexer.rpm -o external-indexer.rpm

  Install the bundle:

  yum install external-indexer.rpm

If your security policy does not permit the above limitations, or your environment does not make it possible to fulfill them, do not use external indexers with SPS.