Actions

Otelligence Center

From Syntaro Help

Back to Otelligence Main Page

Overview

The Otelligence Center is where you find all available functions for Syntaro Otelligence. To get to know what each menu entry is used for, we will further describe its function below here

If your account only has user permissions, some entries will not be available for you.

Dashboard

Plugins

Connectors

Connector Status

General Information

In the "Connectors" blade, you gain direct insight into the status of your connector or connectors. With simple color-coding you can see potential problems at first glance. What exactly those colors mean is described in the following table:

Green Everything is alright. The connector has had no errors in the last run of the scheduled task and data was transmitted successfully to the Otelligence Cloud.
Orange The connector successfully transmitted the data but has had one or more errors in the last run. Please check the Windows EventLog to gain further information.
Red Otelligence Cloud has no information about the connector. There was no communication during the last 48 hours between the connector and cloud. Please check the Windows EventLog to gain further information.

An example could look like the following screenshot:

Otelligence Connector Status 001.png

Please note, that the color-coding and time are updated differently. Right after a run of the scheduled task, the color might have changed but the time has not. This is due to the fact, that the value of "last connected" is only updated after the data was uploaded and processed in the Otelligence Cloud, while the color-coding is updated right after the scheduled task completes.

Deleting a Connector

It is also possible to delete your connector on this blade. By clicking the recycle bin on the connector, all data in the portal will be deleted. Be advised, that this will permanently delete all data in the portal including your widgets. As of yet, there is no possibility to get the deleted data back.

By deleting the connector from this blade, the installed logic on your computer will not be uninstalled. If you only delete the connector here, the scheduled task will run again and re-register the connector on the portal and upload data again. If you do not wish for this to happen, please disable the scheduled task on your system. More information about the scheduled task can be found here.

Installation

In the following steps we show you, how you can install and correctly configure the Otelligence Connector. Depending on your specific infrastructure and collection of plugins that will be used, you can install one Connector or multiple Connectors spread out over different systems so you retain a clear overview over your personal installation.

Windows Preparation

Otelligence Service Account 001.png
To ensure, that the connector works as it is supposed to, we have to prepare some steps prior to the installation of the connector itself. First of all, we have to create a service account for the connector to use. This service account will have basic user permissions with some small tweaks. Considering security, we advice you to not give this service account administrative rights on your system where you install the connector.

Best practice for the creation of this account is to mark him with the prefix "sa" so you can easily find the user in later stages or whilst troubleshooting in the future. For our example we use the username "sa_otelligence"

Otelligence Service Account 002.png
In the next step we have to allow the service account to run tasks in the task scheduler. For this he needs the right to "Log On As A Batch Job". This permission can be assigned in the local security policy (secpol.msc).

First, you will have to navigate to "Local Policies" -> "User Rights Assignments". Here you will find the policy "Log On As A Batch Job" where you can include your service account or service group depending on your installation.

This already completes the preparation for the installation of the Otelligence Connector.

Connector Installation

Otelligence Connector Download.png
To get started, we have to download the Otelligence Connector which can be found in the navigation pane of your Syntaro portal. Under the register "Configuration" you will find the "Connectors"-blade. From this blade you can directly download the .MSI-file you need.
Otelligence Connector Install 001.png
Now you can run the .MSI file. On the first prompt you will see, you will have to validate your service account user. Even though the setup validates if this user exists and the entered password is correct, it will not check if the user is a member of the policy "Log On As A Batch Job".

Please make sure you followed the previous Windows Preparation steps correctly and you surely added the user to the correct group. Afterwards you can install the program without further user interaction.

Otelligence Connector Install 002.png
To validate if the program was installed properly you can check your file explorer. The core data of the connector will be copied to the following location: "%Systemdrive%\Program Files\Syntaro Otelligence Connector\".

In addition, you will see a new task in the task scheduler with the name "Otelligence upload" was created. Here you can double-check if the correct service account user will be running the task as well.

Notifications

In the Notifications blade we provide you with the functionality of sending a JSON-File to a webhook. With the webhook you can then further process the sent notification in any way you find suited for your business case. Here we will show you, how to make a simple Microsoft Flow, to send the data to your Office 365 inbox.

Creating a Microsoft Flow

Otelligence Notification Flow 001.png
Navigate to the Microsoft Flow Portal, create a new flow (automated - from blank) and skip the first window.
Otelligence Notification Flow 002.png
Add a new trigger by searching "HTTP Request" and select the trigger "When a HTTP request is received".

In the "Request Body JSON Schema" you can copy and paste the sample payload from the Syntaro Portal

Otelligence Notification Flow 003.png
Add a new step with the "+ New Step" button and search for Office 365 Outlook. In the list of possible actions choose "Send an email" and configure the receiver address and subject. If you just want to send all the data from the .JSON-File, add the dynamic content "body" into the body-section of the configuration as seen in the provided screenshot.
Otelligence Notification Flow 004.png

Otelligence Notification Flow 005.png
After you saved the flow you have to go back to the HTTP-Request step, copy the "HTTP POST URL" and insert it in the Syntaro portal in the Notification blade. Click "save" and push the "test" button to test your flow. Afterwards, you should receive one mail per installed plugin.

Note: As of now, the "test" button in the Otelligence Center does not send a test payload but will rerun the whole alert pipeline for the current day. Meaning you will get data that was already sent through the portal overnight.

Permissions

If you want to give a co-worker access to the Otelligence Center you can do so with two different levels of permission.

Admin Role These Users have rights to download the connector, manage baselines, view and compare data, view and customize the dashboard and assign roles.
User Role These Users have rights to view and compare data and view and customize the dashboard.

Manage Roles

Otelligence Permissions 001.png
Navigate in the Otelligence Center to the entry "Permissions". Here you will find the two different levels of permission that you can assign users or groups to. Choose the role that you need to open the blade where you can grant the chosen permission to the users.
Otelligence Permissions 002.png
By clicking the "+" button, a separate blade will open where all your AzureAD objects will be shown. This is synchronized with your Azure Tenant and you do not have to add the user manually.

Choose the user or group from the list by filtering with the included search option and check the box next to the users name. After you checked your users or groups, click the "add" button to grant them access.

Otelligence Permissions 003.png
The objects you added will be shown on the Admin or User role blade.
Otelligence Permissions 004.png
To delete a user or group from having the set permissions you can simply check the box next to the object and press the "-" button to delete the role assignment.