Veritas Data Insight Administrator's Guide
- Section I. Getting started
- Introduction to Veritas Data Insight administration
- Configuring Data Insight global settings
- Overview of Data Insight licensing
- About scanning and event monitoring
- About filtering certain accounts, IP addresses, and paths
- About archiving data
- About Data Insight integration with Symantec Data Loss Prevention (DLP)
- Configuring advanced analytics
- About open shares
- About bulk assignment of custodians
- Section II. Configuring Data Insight
- Configuring Data Insight product users
- Configuring Data Insight product servers
- About node templates
- About automated alerts for patches and upgrades
- Configuring saved credentials
- Configuring directory service domains
- Configuring containers
- Section III. Configuring native file systems in Data Insight
- Configuring NetApp file server monitoring
- Configuring clustered NetApp file server monitoring
- About configuring secure communication between Data Insight and cluster-mode NetApp devices
- Configuring EMC Celerra or VNX monitoring
- Configuring EMC Isilon monitoring
- Configuring EMC Unity VSA file servers
- Configuring Hitachi NAS file server monitoring
- Configuring Windows File Server monitoring
- Configuring Veritas File System (VxFS) file server monitoring
- Configuring monitoring of a generic device
- Managing file servers
- Adding filers
- Adding shares
- Renaming storage devices
- Configuring NetApp file server monitoring
- Section IV. Configuring SharePoint data sources
- Configuring monitoring of SharePoint web applications
- About the Data Insight web service for SharePoint
- Adding web applications
- Adding site collections
- Configuring monitoring of SharePoint Online accounts
- About SharePoint Online account monitoring
- Adding SharePoint Online accounts
- Adding site collections to SharePoint Online accounts
- Configuring monitoring of SharePoint web applications
- Section V. Configuring cloud data sources
- Section VI. Configuring ECM data sources
- Section VII. Health and monitoring
- Section VIII. Alerts and policies
- Section IX. Remediation
- Section X. Reference
- Appendix A. Backing up and restoring data
- Appendix B. Data Insight health checks
- Appendix C. Command File Reference
- Appendix D. Data Insight jobs
- Appendix E. Troubleshooting
- Troubleshooting FPolicy issues on NetApp devices
Generating SSL certificates for NetApp cluster-mode authentication
Use the openssl command to create a self-signed certificate.
Generating Self-Signed certificate
- To generate a Certificate Signing Request (CSR), go to the command prompt window and execute the following command:
openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout <yourKeyFileName>.key -out <yourCertName>.pem
The generated certificate looks as follows:
-----BEGIN CERTIFICATE----- MIICwjCCAiugAwIBAgIJAJpgINzlWl06MA0GCSqGSIb3DQEBBQUAMHoxCzAJBgNV BAYTAklOMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX aWRnaXRzIFB0eSBMdGQxEDAOBgNVBAMMB2Fhc2hyYXkxITAfBgkqhkiG9w0BCQEW EmFhc2hyYXlAbmV0YXBwLmNvbTAeFw0xMzA3MzAxNjQ2NDRaFw0xNDA3MzAxNjQ2 NDRaMHoxCzAJBgNVBAYTAklOMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQK DBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEDAOBgNVBAMMB2Fhc2hyYXkxITAf BgkqhkiG9w0BCQEWEmFhc2hyYXlAbmV0YXBwLmNvbTCBnzANBgkqhkiG9w0BAQEF AAOBjQAwgYkCgYEAv8jid3ADQH/HQ05iZ6Tk0NF2cY9iiEna71PVKjM1L8GGkyWJ kGioW2j1qoHO4kJEXUOMoX7YREOKLYbBQW5nx6rrg8Z3iFvP09YJnByonUIuN9QZ 96OHQ+ws9u6wNgM2LTJbcbOUUdJuOQNgaQ4XhzLDa6g0jEzyDBHbC05m2XUCAwEA AaNQME4wHQYDVR0OBBYEFDdavnhJnCUHDJXgZEAovxcoYAsxMB8GA1UdIwQYMBaA FDdavnhJnCUHDJXgZEAovxcoYAsxMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF BQADgYEAdnD5BzSlV2SiZJbOjzmhkYraNwG3WauDYlnzo8K0v6BFhxKEC/abjUaa Ic/mBXEE8JqnLN7uqQf1wZtqIU60eNexMMdg+tstYe5O0Fnu27ss9HsmDD51A9LZ kT5+XIfG21EYJMnFa1LwWTtmkla66GNhVEzzJKUtOXD23H6SyNc= -----END CERTIFICATE-----
- Save the content of the generated certificate in two separate files - <yourCertName>.pem and <yourKeyFileName>.key in the -keyout and -out files as mentioned in the command.
To generate a unique CA-signed certificate
- Collect the following information to generate a certificate request:
Common name
The fully qualified DNS name of the NetApp Admin Vserver. This name must be the actual name of the server that is accessible by all the clients. For example: https://ditest.
Organization Name
For example, Veritas ¡ City ¡ State ¡ Country ¡ Expiration
Organizational unit (optional)
Country
For example, US
State
For example, CA
City
For example, San Francisco
Expiration
Expiration time in days
- On the cluster-mode Admin Vserver, switch to Administrator mode. From the command prompt window, run the following command:
set -privilege admin
- Run the command to generate the Certificate Signing request:
security certificate generate-csr -common-name <hostname of the Admin Vserver> -size 2048 -country <name> -state <name of state> -locality <name of locality> -organization <name of organization> -unit <name of organizational unit> -email-addr <email address>
- Copy the certificate and the key strings and save them in two different files with extension
.pem
and.key
respectively.Paste the certificate to a text document exactly as it appears on the screen. Include the top line and bottom line (-----BEGIN CERTIFICATE REQUEST----- and -----END CERTIFICATE REQUEST-----) with the extension
.pem
. Make sure that no extra lines, spaces, trailing carriage returns, or characters have been inadvertently added.Paste the key strings from (-----BEGIN RSA PRIVATE KEY ----- and -----END RSA PRIVATE KEY-----) to a text document with the extension
.key
. - Send the CSR string (the string portion from "-----BEGIN CERTIFICATE REQUEST----- to-----END CERTIFICATE REQUEST-----") to a Certification Authority (CA) electronically to apply for a digital certificate. After the CA sends you the signed digital certificate, you must install it with the associated private key (<yourKeyFileName>.key) on the Vserver.