This section contains the following topics:
How SiteMinder and CA Security Compliance Manager Integration Works
Generate the Compliance Reports
Display List of Available Compliance Reports Or Their Fields
CA SiteMinder offers a command line tool, smcompliance, which creates compliance reports that you can manually import into CA Security Compliance Manager. The smcompliance tool generates the following types of reports by default:
Lists all of the policies stored in the SiteMinder Policy Server from which the command was run.
Lists all of the user directories in the policy store that is associated with the Policy Server.
Lists the users, their respective user directories and any associated policies.
To export SiteMinder compliance data to CA Security Compliance Manager, use the following process:
The SiteMinder compliance reports for CA Security Compliance Manager are generated with a command line tool. After the reports are generated, you must send them to the CA Security Compliance Manager administrator in your organization so they can be imported into CA Security Compliance Manager.
To generate the compliance reports
Specifies the full path to an output directory where the generated reports will be saved. If this directory already exists, the tool renames the existing directory as a backup.
Default: siteminder_home/compliance/output
Specifies the full path to the configuration file that determines the content and format of the reports. The default configuration file has the content for CA Security Compliance Manager, but you can customize a configuration file to meet your needs.
Default: siteminder_home/compliance/config
Specifies the full path to a log file.
Default: siteminder_home/compliance/output
Specifies one of the following file types for the reports:
Default: csv
The reports and log file are generated. The files are ready to send to the CA Security Compliance Manager administrator.
The SiteMinder compliance-report tool, smcompliance, can generate other types of reports in addition to those reports produced by default.
To display a list of available compliance reports
smcompliance -help reports
A list of report names appears.
smcompliance -generate report_name
The report_name must match a name from the list in Step 2. For example, to see what fields the agents report contains, enter the following:
smcompliance -generate agents
A list of fields for the report appears in XML format. You can add the XML to a configuration file to produce a new report.
You can generate other types of compliance reports by adding new reports to the configuration file used by the smcompliance tool.
To add a new compliance report
siteminder_home\compliance\config
The new report is added.
The reports generated by the default configuration file provide the typical compliance information that CA Security Compliance Manager needs. If your organization has different needs, you can create your own custom configuration file to generate reports with the information you want.
siteminder_home\compliance\config
Copyright © 2012 CA.
All rights reserved.
|
|