InTrust Plug-in for Privilege Manager
Quest® InTrust for Active Directory provides a centralized auditing point allowing you to collect and report on the audit data from Privilege Manager as well as many other data sources you may have in your IT infrastructure.
Figure 10: Audting with InTrust Plug-in
InTrust for Active Directory auditing capabilities allow you to collect and report on the audit data from your Privilege Manager Security system. Featuring a fully automated workflow, InTrust for Active Directory helps you:
- Gather the Privilege Manager event logs from the policy servers running on several different platforms
- Consolidate, store, and analyse the gathered data
- Create reports on various aspects of your Privilege Manager security system operation
InTrust for Active Directory provides reports on the following Privilege Manager System areas:
- All events
- Elevated privilege events
- All events grouped result
- Out of band events
- Rejected events
InTrust Plug-in requirements
InTrust for Active Directory supports Privilege Manager version 5.5 and above.
You can collect data from Privilege Manager hosts running on any of the UNIX platforms supported by InTrust.
To use the MSI installer for the InTrust Reporting Pack, your InTrust Server must use the WindowsSQL Server 2005 as its back-end database.
Installing InTrust Plug-in components
To configure InTrust for Privilege Manager you must install and configure several components separately. The diagram below shows the major components for the InTrust for Active Directory Plug-in.
Figure 11: InTrust Plug-in components
To install and configure the InTrust for Active Directory Plug-in components
- Install Privilege Manager and identify which logs you wish to audit.
- Install and configure the pmintrust.sh script to run as the root user to extract the relevant data.
One Identity recommends that you set up a daily cron job to run “pmrun pmintrust.sh” as the pmpolicy service user.
- Install an InTrust Agent on the Privilege Manager Policy Server.
- Configure the InTrust Server: Finding, Gathering, and Storing.
- Gather Data.
- Configure the InTrust Server: Reporting.
InTrust Plug-in installation prerequisites
Before you install the InTrust for Active Directory components: