Hi all,
IDM 4.0.1a AE, SUSE 11SP1, Sentinel 7.
I created a loopback driver to do some tests about events to sentinel, but I’m receiving an error when I look at Sentinel Control Center:
- Event Name: Collector Internal Message
- Message: Parsing failed: Event ID not recognized; input: undefined
Full event:
I copied the code from many sources (forums, cool solutions, downloaded the example codes) but always got the same error.
What do I’m doing wrong?
IDM 4.0.1a AE, SUSE 11SP1, Sentinel 7.
I created a loopback driver to do some tests about events to sentinel, but I’m receiving an error when I look at Sentinel Control Center:
- Event Name: Collector Internal Message
- Message: Parsing failed: Event ID not recognized; input: undefined
Full event:
Code:
Name
Value
CollectorID
D892E9F0-3CA7-102B-B59E-005056C00005
CollectorManagerID
Sentinel Server (C76D2820-C395-1029-BB86-001321B5C0B3)
CollectorNodeName
Novell Identity Manager
CollectorPluginID
6697F190-8F23-102C-9FAB-005056C00008
CollectorPluginName
Novell Identity Manager
ConnectorID
Audit Connector (D892E9F0-3CA7-102B-B59F-005056C00005)
EventID
61F2B082-2D96-102F-BD28-0040A71B8E2A
EventName
Collector Internal Message
EventSourceID
Audit Event Source:10.100.228.131 (24FA5EF0-2A4C-102F-B39E-0040A71B8E2A)
EventTime
2012 January 30 16:28:43 UTC-2
IDSName
Identity Manager
Message
Parsing failed: Event ID not recognized; input: undefined
MinRetentionDate
2012 April 29 21:00:00 UTC-3
ObserverCategory
IDM
ObserverHostID
0
ObserverTZ
America/Sao_Paulo
ObserverTZDayInMonth
30
ObserverTZDayInWeek
2
ObserverTZDayInYear
30
ObserverTZHour
16
ObserverTZMinute
28
ObserverTZMonth
0
ObserverType
A
ProductName
Novell Identity Manager
RawDataRecordId
61F2B082-2D96-102F-BD27-0040A71B8E2A
ReporterHostID
0
RetentionPolicyID
System Events
SearchServerId
CDF88D20-0331-102F-8A22-0040A71B8E2A
SearchServerName
[Local]
SentinelID
CDF88D20-0331-102F-897F-0040A71B8E2A
SentinelProcessTime
2012 January 30 16:28:43 UTC-2
SentinelServiceID
D892E9F0-3CA7-102B-B59E-005056C00005
Severity
4
SourceHostID
0
Tags
Sentinel
TargetHostID
0
TenantHierarchyID
0
TenantName
unknown
Vulnerability
0Code:
<do-generate-event id="1008" level="log-emergency">
<arg-string name="target">
<token-text xml:space="preserve">EDIRCD</token-text>
</arg-string>
<arg-string name="text1">
<token-text xml:space="preserve">EDIRCD</token-text>
</arg-string>
<arg-string name="text2">
<token-text xml:space="preserve">EDIRCD</token-text>
</arg-string>
<arg-string name="text3">
<token-text xml:space="preserve">EDIRCD</token-text>
</arg-string>
<arg-string name="value1">
<token-text xml:space="preserve">EDIRCD</token-text>
</arg-string>
<arg-string name="value2">
<token-text xml:space="preserve">EDIRCD</token-text>
</arg-string>
<arg-string name="value3">
<token-text xml:space="preserve">EDIRCD</token-text>
</arg-string>
</do-generate-event>
<do-set-local-variable name="LVUsers3">
<arg-string>
<token-text xml:space="preserve">User:</token-text>
<token-op-attr name="cn"/>
<token-text xml:space="preserve"> added to the </token-text>
<token-text xml:space="preserve">Training\Users\Active\Users3</token-text>
<token-text xml:space="preserve"> container</token-text>
</arg-string>
</do-set-local-variable>
<do-generate-event id="1000">
<arg-string name="text1">
<token-local-variable name="LVUsers3"/>
</arg-string>
</do-generate-event>