You must configure Sentinel to receive compliance details associated with the Secure Configuration Manager events.
NOTE:When configuring SCM to send compliance information to Sentinel, SCM administrator can configure it in the following two ways:
To send compliance information as an event.
To send compliance information as an event, with an attached report.
If SCM administrator configures to send compliance information as an event with attachment, you do not need to perform any configuration in Sentinel to receive compliance information from SCM. Perform the following procedure only if SCM administrator has configured to send compliance information just as an event.
To receive compliance details from Secure Configuration Manager:
In the Sentinel Main interface, click Integration > SCM.
In the SCM Servers page, the list of SCM servers that are configured to send compliance details is displayed.
To add an SCM server to send compliance details to Sentinel, click Add and specify the following information in the Add SCM Server window:
IP address/DNS name: SCM server IP address or host name.
Port: The port on which SCM core service listens.
Protocol: The security protocol that the SCM core service uses.
User name: SCM server user name.
Password: SCM server password.
Click Save to save the configuration.
If the connection is valid, the SCM server displays the certificate information in the Confirm Certificate window.
Click Accept to accept the server certificate.
Sentinel establishes a connection with the SCM server.
SCM server details are displayed in the SCM Servers page.
(Optional) You can perform the following actions by clicking appropriate links in the Action column in the table:
Click Edit to edit the SCM server details.
Click Delete to delete the SCM server.
Click Validate to validate the SCM server configuration.
For information about viewing Secure Configuration Manager events and the associated compliance details, see Viewing Compliance to Configuration Policies
in the Sentinel User Guide.