Contents x
- 📑
Getting Started
- About senhasegura
- Use Cases
- Technical specification
- senhasegura Installation
- Architecture
- Virtual Appliances
- Crypto Appliance
- Deploy on cloud provider
- Firewall rules
- Administrative users
- How to activate the senhasegura license
- How to set up the network and change the hostname
- How to accept the End User License Agreement
- Backup
- Data Replication
- How to enable the application
- Update senhasegura
- Troubleshooting
- Basic Usage
- 📣 News v3.33
- ⚙️
Settings
- Explanation
- About Active Directory
- About Segregated Entities and Their Properties
- About User Groups
- About Related Users
- About the Access Control Layer
- About the Master Key
- About OpenID
- About LDAP/AD servers
- About senhasegura's ITSM integration
- About the Notifications
- About the authentication process with Active Directory
- About SAML
- How-to guides
- Information about settings
- User management
- Authentication
- Notifications
- Backup
- SSH
- Integrations with ticket systems
- How to manage integrations with ticket systems
- How to configure a Freshdesk integration on senhasegura
- How to configure the integration with CA Service Desk Manager in senhasegura
- How to configure GLPi integration in senhasegura
- How to configure Zendesk integration in senhasegura
- How to configure Jira Service Desk integration in senhasegura
- How to configure ServiceNow integration in senhasegura
- How to manage approver users
- How to manage bulk actions requests
- How to configure the logo in senhasegura
- Change Audit
- How to use the Emergency panel
- Logs and data purge
- Reference
- LDAP/AD
- E-mail notifications
- System Parameters
- Users management
- Services
- Multi-factor authentication
- User authentication tokens
- Export history
- Protected Informations
- Master Key
- Servers
- View Master Key
- Credentials
- Bulk operations report
- Backup Logs
- Identity management providers (IGA)
- Notifications
- List notifications
- My Notifications
- Notification texts
- OpenID providers
- Types of providers
- Providers
- Provider by user
- RADIUS server
- SAML providers
- Screen notification parameters
- SIEM
- Sent notifications
- Synchronized users
- Synchronized users for IGA
- System Parameters
- User authentication tokens
- TACACS servers
- Explanation
- 📦
senhasegura 360
- PAM Core
- Credential Management
- Devices
- Explanation
- How-to guides
- How to perform a batch import
- How to download the template file for batch import
- How to use the “Bulk Action” feature for devices
- How to approve bulk actions requests
- How to configure a device
- How to manage devices
- How to manage devices without credentials
- How to configure device categories
- How to download a local connection file for Putty and Remote Desktop
- How to check the device connectivity
- How to consult device logs
- Reference
- Credentials
- Explanation
- How-to guides
- How to setup up a credential in senhasegura
- How to register an application credential
- How to create a credential policy
- How to create a pool of credentials
- How to use domain credentials
- How to register password strength
- How to use the "bulk action" feature for credentials
- How to verify the execution history of a credential
- How to reconcile a credential
- How to configure a reconciliation credential
- How to generate a TOTP authentication token
- How to use MFA authentication with YubiKey
- How to configure a JIT credential in senhasegura
- How to connect using a JIT credential
- How to set up an SSH key
- How to perform remote access with SSH key
- How to manage SSH keys
- Reference
- Reference for access control reports
- Reference for credentials
- Reference for credential types
- Reference for domain credentials settings
- Reference for password strength
- Reference for pool of credentials
- Reference for credential policies
- Reference for credential management
- Reference for credential filtering
- Reference for JIT credentials
- Devices
- Session Management
- Explanation
- PAM Dashboard
- Session Actions
- Remote Session
- Session text
- Transfered files
- Blocked users
- PAM - Access Group
- Access Request Worlfow
- Exceptional Access
- Remote Session Configuration
- Personal Credential
- Audit
- Video Session
- senhasegura Proxy
- Database Proxy
- About Oracle wallet
- About compatibility with legacy MS SQL Server
- How-to guides
- How to configure senhasegura Database Proxy
- Database Proxy for Oracle - Setup guide
- Oracle Stand Alone Environment
- How to create the Oracle DB server Wallet
- How to generate the database credential’s certificate and key
- How to create a senhasegura user wallet
- How to configure the Oracle server to use wallet authentication
- How to configure a device in senhasegura to use the Database Proxy with Oracle
- How to configure a credential in senhasegura to use the Database Proxy with Oracle
- How to configure IDEs for the end user to connect to Oracle DB
- Oracle Cluster Environment with grid infrastructure
- How to configure the wallet for Oracle in a cluster with grid infrastructure
- How to create a senhasegura user wallet
- How to configure a device in senhasegura to use the Database Proxy with Oracle
- How to configure a credential in senhasegura to use the Database Proxy with Oracle
- How to configure IDEs for the end user to connect to Oracle DB
- How to collect the senhasegura user certificate
- Oracle Stand Alone Environment
- MS SQL Server sessions
- PostgreSQL sessions
- Oracle sessions
- How to start a Database Proxy Oracle session with DBeaver on Linux
- How to start a Database Proxy Oracle session with DBeaver on Windows
- How to start a Database Proxy Oracle session with SQL Developer on Linux
- How to start a Database Proxy Oracle session with SQL Developer on Windows
- How to start a Database Proxy Oracle session with SQL Plus
- How to modify Database Proxy port number
- Web Proxy
- About Customize settings - Web sessions parameters
- About HTTP web sessions
- How-to guides
- How to register a new web session parameter
- How to access a Web Proxy session
- How to transfer or download a file in HTTP Web Proxy sessions
- How to transfer files between Web HTTP/HTTPS sessions
- How to transfer a file over RDP Web Proxy sessions
- How to perform a PDF download in HTTP/HTTPS Web Proxy sessions
- Reference
- RDP Proxy
- Terminal Proxy
- About Encryption keys - Terminal Proxy
- About senhasegura Terminal
- How-to guides
- How to make an SSH connection via Terminal Proxy
- How to make an SSH Multihop connection via Terminal Proxy
- How to make a TELNET connection via Terminal Proxy
- How to transfer a file in Terminal Proxy sessions using SFTP
- How to transfer a file in Terminal Proxy sessions using SCP
- How to set up SSH SOCKS Tunnel for private browsing
- RemoteApp
- Troubleshooting
- Citrix Virtual Apps and Desktops
- How-to guides
- How to install Citrix Bridge Server using Docker container
- How to install Citrix Bridge Server using senhasegura Extended Services OVA
- How to add Citrix Bridge Server as a device
- How to add a RemoteApp to Citrix Bridge Server
- How to add Citrix Bridge Server credential
- How to access a Citrix desktop or application
- How-to guides
- Use cases
- Credential Management
- DevOps Secret Manager
- Explanation
- About the Secrets management dashboard
- About access control
- About applications and authorizations per application
- About authenticators in DSM
- About CI/CD
- About dynamic provisioning
- About encryption keys
- About events in DSM
- About plugins in DSM
- About secrets in DSM
- About the CI/CD variables dashboard
- About profiles on dynamic provisioning
- About the Application dashboard
- How-to guides
- How to manage authorizations per application
- How to manage an application
- How to manage secrets
- How to manage dynamic provisioning in DSM
- How to use bulk actions for secrets
- How to create and manage encryption keys
- How to use a DSM automation to inject a secret
- How to manage DSM automations
- How to configure authenticators
- Hot to use DevOps Secret Manager CLI
- How to integrate DSM with Azure DevOps
- How to integrate DSM with GitHub Actions
- How to integrate DSM with GitLab CI/CD
- How to integrate DSM with Jenkins
- How to integrate DSM with Kubernetes
- How to manage access groups
- How to manage API settings
- How to manage lines of business
- How to manage application types
- How to manage environments
- How to manage systems
- Reference
- Reference for API Logs
- Reference for DSM Audit Tracking
- Reference for bulk actions
- Reference for dynamic provisioning profiles
- Reference for DSM executions
- Reference for secrets
- Reference for credentials
- Reference for application
- Reference for authorization by application
- Reference for Encryption Keys
- Reference for CI/CD variables
- Reference for CI/CD deploys
- Reference for executions
- Reference for DSM automations
- Reference for access groups
- Reference for My approvals
- Reference for My requests
- Reference for API settings
- Reference for lines of business
- Reference for application types
- Reference for environments
- Reference for systems
- Explanation
- Domum Remote Access
- Overview
- Architecture and Domum gateway regions
- License activation
- Administrator
- About Domum user nomenclature
- Dashboards
- Request Access
- Reports
- Access control
- Settings
- Third party-user
- Internal user
- Remote users
- GO Endpoint Manager
- General introduction
- Control panel report
- Dashboard report
- Workstation report
- User report
- Application report
- Uninstallers report
- Go for Windows
- About the new GO Endpoint Manager
- Windows
- Introduction Windows
- Architecture
- GO for Windows Agent
- Installation
- Automation report
- About automation
- How to clone or edit an automation
- How to enable or turn off an automation
- How to create web authentication automation for general segregation
- How to create web authentication automation for workstation segregation
- How to create a RemoteApp type automation on GO Windows
- Automation use case
- Execute
- Control Panel
- Approval workflow
- Network Adapters
- Network Sharing
- Uninstall
- Segregated parameters
- System parameters
- Permission
- Application access lists
- Automation access lists
- Uninstaller access lists
- Privilege elevation block
- Directory and file control
- DLL blocking
- Trusted directories
- Impersonation
- GO Shell
- JIT Access
- Offline mode
- Token MFA OTP
- Application access lists
- Single Sign-On (SSO)
- Directory and file scan
- Network access blocking
- UAC integration
- Automatic update
- Session recording
- Malware analysis
- Reports
- About parent and child processes
- FAQ
- Troubleshooting
- Troubleshooting: API Authorization Error When Trying to Open the Agent
- How permissions management and application dependencies affect senhasegura.go
- Installation error messages
- Go Endpoint Manager for Windows flagged as a threat in antivirus scanners
- Applications in the control panel don't elevate privilege
- Linux
- Introduction Linux
- Getting started
- Agent installation
- Access policies
- Rules for sudo
- DAC permission
- Reports
- System parameters
- Session recording
- Troubleshooting
- Certificate Manager
- Getting started
- Certificates workflow
- Cloud certificates workflow
- Additional settings
- How to make action requests
- How to manage your approvals
- How to download the CSR and key
- How to download the certificate and key
- How to retrieve the certificate passwords
- How to link devices to a certificate
- How to set up a certificate pool
- How to automate the lifecycle of a certificate
- How to configure receiving notifications
- How to generate random certificates
- Reference
- Use case
- Cloud IAM
- Executions
- Introduction Executions
- Executors
- Templates
- Operations
- Attempt Parameters and triggers
- Profiles
- Chained operation automation
- Password change
- How to configure a password change
- Password change example
- How to change a domain user's permission in AD
- How to change a domain user's password in AD
- How to change a password with Kerberos authentication for Windows RM
- How to change a password with NTLM authentication for Windows RM
- SSH Keys rotation
- How to change SSH keys
- How to setup SAP password change
- Credentials execution profiles
- How to create a credential profile
- How to change passwords using Tk Expect for Oracle databases
- Examples
- Discovery
- MySafe
- Reference
- Passwords
- API secrets
- Files
- Notes
- Sharing center
- Batch import
- Audit
- Access control
- Integrations
- Admin
- MySafe extension
- Task Manager
- Load Balancer
- Arbitrator
- senhasegura mobile app
- Orbit Config Manager
- Monitoring
- Orbit CLI
- Explanation
- How-to guides
- How to change default passwords
- How to configure backup
- How to perform disk management
- How to check the senhasegura version
- How to configure network interfaces
- How to manage the firewall
- How to manage proxy settings
- How to set the hostname
- How to check the instance's health
- How to manage the application
- How to configure instance location
- How to manage the cluster
- How to configure NTP servers
- How to configure Domum Gateway
- How to manage operating system services
- How to configure DNS servers
- How to enable proxy or loadbalancer IPs
- How to configure remote partitions
- How to perform manual execution of senhasegura services
- How to shutdown or restart the server
- How to configure SNMP monitoring
- How to manage repositories with Orbit CLI
- How to login with certificates
- How to manage web application SSL certificate
- How to update the solution
- How to run the Discovery cleaning procedure
- How to configure Zabbix via Orbit CLI
- Reference
- Orbit Web
- Explanation
- How-to guides
- Reference
- Reference for Panel
- Reference for Application settings
- Reference for Application backup settings
- Reference for Recovery
- Reference for Replication settings
- Reference for Replication status
- Reference for Data search cluster
- Reference for Tokens
- Reference for Application versions
- Reference for Licenses
- Reference for Incidents
- Reference for System updates
- Reference for Eula
- Reference for Server settings
- Reference for Server information
- Reference for Disk and partition
- Reference for Services
- Reference for Certificates
- Reference for Backup Recovery
- Reference for Security
- Reference for Tuning system
- Reference for Orbit incidents log
- Reference for Logs
- Reference for Access proxy settings
- Reference for Proxy Services
- Reference for API - Proxy requests
- Reference for API - PEDM Windows
- Reference for API - PEDM Linux
- Reference for Application activation
- A2A
- Network Connector
- Explanation
- How-to guides
- How to install Network Connector
- How to configure devices on Network Connector
- How to configure Network Connector agents
- How to update the Network Connector agent
- How to use the Network Connector dashboard
- How to install the Network Connector agent on Google Cloud
- How to install the Network Connector agent on Microsoft Azure
- Reference
- Protected Information
- User Behavior
- Reports
- Dashboards
- PAM Core
- ☁️
Cloud Products
- Changelogs
- Cloud Security
- Cloud Entitlements
- Explanation
- Reference
- How-to
- How to access auditing details
- How to connect an AWS account
- How to connect an Oracle Cloud account
- How to connect an AWS organization
- How to connect a Google Cloud Platform organization
- How to connect a Google Cloud Platform project
- How to connect an Azure tenant
- How to set temporary policies for AWS identities
- How to set temporary policies for Azure identities
- How to customize Security policies
- How to remove roles from Azure
- How to remove policies from AWS identities
- How to view recommendations
- senhasegura SaaS
- 💻 senhasegura APIs
- Other information
- Other versions
How to configure the monitoring
Article summary
Did you find this summary helpful?
Thank you for your feedback
In this documentation we will only describe the hardware, operating system and monitoring services that can be queried through the SNMP protocol and the Zabbix agent. In addition to SYSLOG messages that can be forwarded to SIEM systems and notification emails triggered by Orbit.
Info
Some notifications are sent via email or SMS to configured users.
Attention
We don't allow the installation of monitoring agents not approved by the senhasegura . Only the tools described in this document are approved for use.
Monitoring through Zabbix
Info
The installed version of Zabbix Agent is 4.0. If you need to install a higher version, please contact our support team.
By default, the Zabbix Agent service will be inactive on the instance. To activate it, access the menu Orbit Config Manager > Server > Services, locate the Zabbix Agent service and click on the Start action.
To configure the Zabbix Server that will receive the data:
- Go to menu Orbit Config Manager > Settings > Application.
- Fill in the Server IP and Server Connection Port fields with the destination server data
- If you want, you can add up to 3 servers, just fill in the server IP and the connection port to the server.
- Fill in the Listen IP field with the instance access interface IP.
- Finally, keep Listen Port with port 10050.
Caution
To set up an access using TLS, use the Orbit Command Line so that the data Identity and Pre-shared key be presented.
Monitoring through SNMP
The instance has support for SNMPv2 and from version 3.8 there is support for SNMPv3 configured only by Orbit Command Line. See the Orbit Command Line documentation for more details.
Through the Orbit Web interface, it is possible to configure the servers allowed to read and the community, through the menu Orbit Config Manager > Server > Settings.
Info
The SNMP service will be restarted with each change.
Monitoring through SYSLOG (SIEM)
The senhasegura is compatible with the most used SIEM tools in the market and offers support for the transmission of messages in CEF, Syslog (RFC 5424), and Sensage formats.
To configure access the menu Orbit Config Manager > Settings > Application > Syslog configuration and fill the following fields:
- Message format: Refers to the selected format of the message to be sent, which can be CEF, Syslog (RFC 5424), or Sensage.
- Notification plugin: Used only in cases of paid customization projects. Keep this field at its default value. It is not recommended to manipulate this control without the supervision of the Support team.
- Message sending protocol: Choose between TCP or UDP.
- Network Connector: Refers to the network connector to send the message.
- Use network connector: Indicates if the network connector selected will be utilized in the Syslog message-sending configuration.
Info
Sending syslog messages to the SIEM via network connector is only possible when using the TCP protocol. UDP is not supported.
- Servers for message sending: A list of IPv4 servers, separated by commas, that will receive the messages.
Orbit alerts and incidents
Some alerts are specific to modules and features of senhasegura . These alerts are monitored by Orbit and forwarded to certain users depending on their criticality.
To configure the recipients to receive these alerts, go to the menu Orbit Config Manager > Settings > Applications and add the emails in the field Notification e-mail. The pending solution incidents will be presented in the menu Orbit Config Manager > Application > Incidents.
Info
The emails will be sent whenever the incident is created or updated. Only the types and event LOG_EMERG, LOG_ALERT, LOG_CRIT and LOG_ERR will be notified.
Caution
Incidents of the type LOG_CRIT generate email sending to all users logged in at the moment and will also be echoed to users who are logged in SSH in the instance senhasegura. Users who are in proxy sessions through the senhasegura Web Proxy or senhasegura Terminal Proxy will not receive these echoed notifications.
Application activation
The activation key is required to use the application. The access to your application will be blocked in DAYS.
Priority
LOG_ALERT
Resolution
- Get in touch with our support team to renew your application license.
Mysql Service
Mysql service failed: MESSAGE
Priority
LOG_ALERT
Resolution
- If you are running a senhasegura cluster environment, first at all assume the next node as Primary.
- If you are running into a DR schema, enable the DR instance as primary.
- After normalize the environment, isolate the problematic instance and start a database recovery mirroring the new primary instance.
DB Cluster
Database Cluster failed: MESSAGE
Priority
LOG_ALERT
Resolution
- First at all assume the next node as Primary.
- After normalize the environment, isolate the problematic instance and start a database recovery mirroring the new primary instance.
Cluster Replication Health
The node cannot apply write-sets as quickly as it receives them: AVGVALUE
The node flow control was paused to a long time: FLOWCONTROLVALUE
Replication throttling or network throughput issues: AVGQUEUE_VALUE
Priority
LOG_ERR
Resolution
- Network latency should be configured. At the Orbit cluster configuration set that nodes are in different data centers.
Cluster Replication Issues
Node is not synced: STATUS
Priority
LOG_ERR
Resolution
- Checkup if the node can reach the others cluster members and reconfigure the problematic node.
Database Primary key increase alert
Database Primary key increase alert: Table TABLE_NAME
Priority
LOG_ALERT
Resolution
- Execute the Primary key maintenance procedure located at senhasegura PAM Solution.
Remote partition problem
Your remote partition has a problem! Please check your mounted partitions.
Priority
LOG_ALERT
Resolution
- Check if the target device can be reached by the senhasegura instance.
- Check if the credential used to authenticate is enabled and has the right permission to access the device.
- Check if the target device support the configured protocol.
Inodes usage
Inodes block usage problem: DETAIL
Priority
LOG_ALERT
Resolution
- Execute the INODE maintenance procedure located at senhasegura PAM Solution.
Disk Usage
Disk space usage problem: DETAILS
Priority
LOG_ALERT
Resolution
- Attach a new virtual disk to the instance and execute the partition resizing.
Files Replication
Replication interval is too long! Last sync: TIME
Replication error! Pack: ID
Priority
LOG_ALERT
Resolution
- Session files replication failure. Execute the rsync manually as described at Force files resync procedure at senhasegura PAM Solution.
Application version
Application version is different between nodes: DETAILS
Priority
LOG_ALERT
Resolution
- Execute
orbit upgradeinto all instances.
System restart required
One or more processes require a full reboot.
Priority
LOG_ALERT
Resolution
- Execute the system reboot. Into a cluster environment you should reboot one instance by time given the right time to the cluster identify every cluster leave and entrance.
Master key not set
Master key not set. It is not possible to create a backup of your credentials.
Priority
LOG_ALERT
Resolution
- Perform the Master Key ceremony.
Master key guardian inactive
Master key guardian inactive. You have inactive guardians in the system, redo the master key process.
Priority
LOG_ALERT
Resolution
- Check if the guardian made wrong its login and disabled its user. If it is not the case, redo the master key process.
Proxy Service alert
Proxy Service not running: DETAILS
Priority
LOG_ALERT
Resolution
- Restart the service using
orbit servicecommand. If the problem continue, restart the instance.
Default E-mail Account
E-mail Account is not set up
Priority
LOG_ERR
Resolution
- Register an SMTP account.
System without initial key settings
System without initial key settings. Run the system setup wizard to resolve this issue.
Priority
LOG_ALERT
Resolution
- This error should appears only into not configured instances. Execute the deployment steps to solve the incident.
System key is missing or corrupted
System key is missing or corrupted. Contact system administrator immediately.
Priority
LOG_ALERT
Resolution
- The system key, generated into deployment stage, is not found. It can occurs when an really old backup is restored with an updated senhasegura software. Call our support team.
Default password not changed
The system default user account password must be changed. Use the command 'orbit security password' to change it.
Priority
LOG_ALERT
Resolution
- Execute
orbit security passwordto change the default password.
Server configuration tuning not applied
The server configuration tuning is different from the minimum required.
Priority
LOG_WARNING
Resolution
- Check if the hypervisor changed the virtual machine hardware profile. After given the right hardware configuration to to the instance, perform the tuning again.
Disk expansion process is recommended
The size of your data partition is dangerously small. Please expand your disk capacity or add a new disk.
The size of your audit log partition is dangerously small. Please expand your disk capacity or add a new disk.
Priority
LOG_WARNING
Resolution
- Attach a new virtual disk to the instance and execute the partition.
Orbit Notify
Error to sent e-mail alerts: DETAILS
Priority
LOG_WARNING
Resolution
- Check if the configured SMTP account has the right network, security and authentication configuration.
Application backup error
Remote Server SERVER: DETAILS
Priority
LOG_ALERT
Resolution
- Check if the target device can be reached by the senhasegura instance.
- Check if the credential used to authenticate is enabled and has the right permission to access the device.
Network connector agent unavailable
The network connector agent has primary unavailable. AGENT, PORT.
The network connector agent has secondary unavailable. AGENT, PORT.
Priority
LOG_ALERT
Resolution
- Activate the network connector.
Logs
The Orbit Web schedules several asynchronous operations of settings that will be applied on the instance server. These operations generate execution logs (not detail logs) that can be followed in the following reports.
- Application: All senhasegura application layer logs, including user operations and Orbit operations. Alerts also will appears into this logs.
- API: WebService A2A requests. No sensitive data will be displayed.
- Operations: Accessed by the Orbit Config Manager > Logs > Operations menu, you will be able to see all Orbit operations that have been requested, date/time and request:
- Hostname, NTP, DNS, SNMP and Gateway settings definitions.
- Zabbix and Syslog definitions.
- Backup, remote partition and Cluster definitions.
- Task execution: Accessed by the Orbit Config Manager > Logs > Task execution menu, you can follow the execution of these operations. That is, the moment of change of state of the operation from time to time.
- Replication: Cluster node status and logs.
- Backup: Backup definition and execute logs.
- Database: MariaDB operationa and error log.
- Web server: NGINX access and error log.
Info
In this same menu you'll have access to other service logs of the operating system. Use only for diagnosis.
Was this article helpful?
Thank you for your feedback! Our team will get back to you
How can we improve this article?
Your feedback
Comment
Comment (Optional)
Character limit : 500
Please enter your comment
Email (Optional)
Email
Please enter a valid email
On this page
- Monitoring through Zabbix
- Monitoring through SNMP
- Monitoring through SYSLOG (SIEM)
- Orbit alerts and incidents
- Application activation
- Mysql Service
- DB Cluster
- Cluster Replication Health
- Cluster Replication Issues
- Database Primary key increase alert
- Priority
- Resolution
- Remote partition problem
- Inodes usage
- Disk Usage
- Files Replication
- Application version
- System restart required
- Master key not set
- Master key guardian inactive
- Proxy Service alert
- Default E-mail Account
- System without initial key settings
- System key is missing or corrupted
- Default password not changed
- Server configuration tuning not applied
- Disk expansion process is recommended
- Orbit Notify
- Application backup error
- Network connector agent unavailable
- Logs
