Skip to main content

ActiveEye Network Sensor (AENS) Alerts

Overview

The AENS Alerts service connector handles network intrusion and anomaly detection for monitored network traffic.

The connector is configured through an existing ActiveEye Remote Security Sensor (AERSS), which resides inside a customer network.

Prerequisites

To create an AENS Alerts service connector, an AERSS service connector must already exist in the customer network. This AERSS service connector cannot already be associated with any AENS service connector. Instructions for creating an AERSS service connector can be found here.

You will also need the Corelight license key used by ActiveEye. Contact ActiveEye Engineering if you need this key.

Creating the Credentials and Service Connector

Creating the AENS Alerts Credentials

AENS Alerts credentials must be set up before creating the service connector.

  1. In ActiveEye, in the left pane, click Admin, and then click Service Connectors.
    The Service Connectors page appears.
    The Service Connectors page
  2. In the upper-right corner of the page, click Manage connectors credentials.
    The Connector Credentials page appears.
    The Connector Credentials page
  3. In the upper-left corner of the page, click Add Credential.
    The Add Connector Credentials page appears.
  4. In the Connector Type list, select AENS Alerts.
    The AENS Alerts Credentials section appears.
  5. In the Display Name box, enter a unique name.
  6. In the License Key box, enter the Corelight license key.
  7. Click Add.
    The AENS Alerts credentials are created.

Creating the Service Connector

With AENS Alerts credentials set up, the AENS Alerts service connector can be created.

  1. In ActiveEye, in the left pane, click Admin, and then click Service Connectors.
    The Service Connectors page appears.
  2. In the upper-left corner of the page, click Add Connector.
    A list of service connectors appears.
    The list of service connectors
  3. Scroll down to the NETWORK SECURITY section, and then, in the ActiveEye Network Sensor Alerts subsection, click the Add Connection button.
    The Add Connector Account page appears.
  4. In the Display Name box, enter a unique name.
  5. In the AERSS Connector list, select the appropriate AERSS service connector that is not already associated with an AENS service connector.
  6. In the Credential Set list, select the name of the AENS Alerts credentials created in the previous procedure.
  7. In the SPAN Ports box, enter the number of SPAN ports (between 1 and 4) that will be connected to the parent AERSS device.
  8. Optionally, modify the priority level in the Priority box. Raising or lowering the priority will increase or decrease the visibility of alerts related to this service connector.
  9. If you do not want data ingestion to begin immediately once cloud accounts have been configured, clear the Enable Account check box. Otherwise, leave the check box selected.
  10. Click Add.
    The AENS Alerts service connector is created.