Collectors

DEVELOPING COLLECTOR PLUG-INS

This section provides detailed information about developing Sentinel Collector Plug-ins using the Plug-in SDK. Collectors are used to gather data from many different types of endpoint devices, systems, services, and applications. The usual goal is to provide a real-time feed of event log data from the event source, normalize that data to fit the Sentinel Event Schema, and then send the data into Sentinel for analysis and storage. Other types of Collectors are also possible (for example, Collectors that gather identity, host, and vulnerability information), but the vast majority collect event data.

This section of the SDK documentation is split into two parts:

Collector Development Guide
The Guide provides a walk-through of a normal Collector development lifecycle along with plenty of examples of common techniques, usage, and best practices.
Collector Development Topics
The Topics section provides deep-dive reference material on specific topics of interest.

Our recommendation is that you start with the Development Guide and walk through the process, then come back to the Development Topics later as necessary.

If you have any questions about how to develop Collectors or feedback about the SDK or this documentation, please post in the Forums.
