サポートと今すぐチャット
サポートとのチャット

One Identity Safeguard for Privileged Passwords 6.9 - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Getting started with the desktop client Using the desktop client Search box Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Discovery Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificates settings Cluster settings Enable or Disable Services settings External Integration settings Messaging settings (desktop client) Password Management settings Real-Time Reports Safeguard Access settings SSH Key Management settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Regular Expressions About us

Email Templates

Safeguard for Privileged Passwords provides default email templates for most events, such as Cluster Primary Quorum Fails or Access Request Denied. Each event type triggers an email notification that uses the template.

Go to Email Templates:

  • web client: Navigate to External Integration | Email Templates.
  • desktop client: Navigate to Administrative Tools | Settings | External Integration | Email then scroll to the Email Templates section.

Use these toolbar buttons to manage email templates.

Table 171: Email template: Toolbar
Property Description

Reset

Reset the selected template to the default.

Edit

Modify the selected email template.

Refresh

Update the list of email templates.

Search

To locate a specific template, enter the character string to be used to search for a match. For more information, see Search box.

Macro properties

Each event type supports specific macros in the template that are appropriate for that type of event. When editing a template, you can click Insert Event Property to select properties to insert into the text of the Subject line or Body using keywords surrounded by double braces. For example, you may select the following event properties in the Subject of your email:

Access Policy Created {{EventDescription}} {{PolicyId}}

Safeguard for Privileged Passwords ignores macros that are not supported by the event type. Unsupported macros appear blank in the email preview. Additionally, a warning message like the following may displays: Invalid format for BodyTemplate property.

To edit an email template

Modify an email template to change any information except the Event type. If you later want to revert to the original template, you can select the template then click Reset . To modify an email template, use the following steps.

  1. Go to Email Templates:
    • web client: Navigate to External Integration | Email Templates.
    • desktop client: Navigate to Administrative Tools | Settings | External Integration | Email and scroll to the Email Templates section.
  2. In the Email Template grid, select the template to modify and click. Edit.
    1. Event: For more information, see Enabling email notifications.

    2. Subject: Edit the subject line for the email message.

      As you type, click  Insert Event Property Macro to insert predefined text into the subject line. For example, you may create the following subject line:

      Approval is required for {{Requester}}'s request

      where Safeguard for Privileged Passwords generates the data defined by the macro within the double braces.

      Limit: 1024 characters

    3. Reply to: Enter the email address of the person to reply to concerning this notification.

      Limit: 512 characters

    4. Body: Enter the body of the message.

      As you type, click  Insert Event Property Macro to insert predefined text into the body. For example, you may create the following body for an email template:

      {{Requester}} has requested the password for {{AccountName}} on {{AssetName}}

      where Safeguard for Privileged Passwords generates the data defined by the macro within the double braces.

      Limit: 16384 characters

    5. Preview Email: Select this link to display the Preview Email dialog so you can see how your email message will look.
    6. Click OK. The updated template is added to the Email Template grid.
  3. If you want to return to the default, select the email template then click Reset.

To add an email template

desktop client only

You can add individual email templates, for example to provide notification when emergency access is granted

Add an email template if you want to keep the original template and simply create an additional template for the Event.

  1. Navigate to Administrative Tools | Settings | External Integration | Email and scroll to the Email Templates section.

  2. In the Email Template grid, click Add. It doesn't matter what template is selected.
    1. Select the Event. The default may be different than the template selected. An additional template for the event type will be added.

    2. Enter or select a Subject. You can click to add an event property.
    3. Enter a Reply To.
    4. Enter the Body content. You can click to add an event property.
    5. Click Preview Email to see what will be sent.
    6. Click OK. The template is added to the Email Template grid.

  3. If you want to return to the default, select the email template then click Reset.

Identity and Authentication (desktop client)

desktop client: To find the detail for using Identity and Authentication, see Identity and Authentication

SNMP

Simple Network Management Protocol (SNMP) is an Internet-standard protocol for managing devices on IP networks. One Identity Safeguard for Privileged Passwords allows you to configure SNMP subscriptions for sending SNMP traps to your SNMP console when certain events occur.

Go to SNMP:

  • web client: Navigate to External Integration | SNMP.
  • desktop client: Navigate to Administrative Tools | Settings | External Integration | SNMP.

The SNMP pane displays the following about the SNMP subscribers defined.

Table 172: SNMP: Properties
Property Description
Network Address The IP address or FQDN of the primary SNMP network server
Port The UDP port number for SNMP traps
Version The SNMP version being used
Community The SNMP community string being used by the SNMP subscriber
Description The description of the SNMP subscriber
# of Events The number of events selected to be sent to the SNMP console

Use these toolbar buttons to manage the SNMP subscriptions.

Table 173: SNMP: Toolbar
Option Description
Add Add a new SNMP subscription. For more information, see Configuring SNMP subscriptions.
Remove

Remove the selected SNMP subscription.

Edit Modify the selected SNMP subscription.
Copy Clone the selected SNMP subscription.
Refresh Update the list of SNMP subscriptions.

Configuring SNMP subscriptions

It is the responsibility of the Appliance Administrator to configure Safeguard for Privileged Passwords to send SNMP traps to your SNMP console when certain events occur.

You can create a test to verify the SNMP configuration. For more information, see Verifying SNMP configuration.

To download Safeguard for Privileged Passwords MIB-module definitions from your appliance, enter the following URL into your web browser; no authentication is required:

https://<Appliance IP address>/docs/mib/SAFEGUARD-MIB.mib

To configure SNMP subscriptions

  1. Go to SNMP:
    • web client: Navigate to External Integration | SNMP.
    • desktop client: Navigate to Administrative Tools | Settings | External Integration | SNMP.
  2. Click Add to open the SNMP subscription configuration dialog.
  3. Provide the following information:
    • Network Address: Enter the IP address or FQDN of the primary SNMP network server. Limit: 255 characters
    • UDP Port: Enter the UDP port number for SNMP traps. Default: 162
    • Description: Enter the description of the SNMP subscriber. Limit: 255 characters
    • Events: Browse to select one or more SNMP event types. Use the Clear icon to remove an individual event from this list or right-click and select Remove All to clear all events from the list. The SNMP pane displays the number of events that you select, not the names of the events.
    • Version: Choose the SNMP version: Version 1 or Version 2. Default: Version 2.
    • Community: Enter the SNMP community string, such as public. The SNMP community string is like a user ID, password that allows access to a device's statistics, such as a router. A PRTG Network Monitor sends the community string along with all SNMP requests. If the community string is correct, the device responds with the requested information. If the community string is incorrect, the device simply discards the request and does not respond.
  4. Click OK.

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択