Data Collector encryption
For new Data Collectors, asymmetric encryption requires some initial setup. When you add a Data Collector in the Portal, you download the registration file and then point to that location when you install the Data Collector software on the collector server.
For existing Data Collectors, registration file generation for asymmetric encryption can occur at any time. You can opt-in to encrypt/decrypt credentials.
For a new installation, the registration file must first be generated in the Portal. Next, the registration file location must be entered as part of the Data Collector installation process.
To activate encryption for new Data Collectors
- Navigate to Admin > Data Collection > Collector Administration.
- Click Add Collector.
- Click Generate Registration File.
- Click OK to proceed and download the registration file to your local system.
- Copy the
<collectorname>.jsonfile to a temporary location. You will be prompted for this location during the Data Collector installation. - Install the Data Collector software on the Data Collector server.
In an upgrade scenario, you can change the encryption method to asymmetric and add the extra layer of security to active Data Collector policies.
To activate encryption for existing Data Collectors
- Stop the Data Collector.
- In the Portal, search for Collector by name. Search returns results at the folder level and within the folder.
Alternatively, select Admin > Data Collection > Collector Administration to browse for a collector. A list of currently configured Portal Data Collectors is displayed.
- Select a Data Collector from the list.
- Click Edit.
- Click Generate Registration File.
Note:
When generating a replacement registration file, for example a registration file is lost or data has been corrupted the following applies: active policies associated with the collector are disabled and their credentials are invalidated. For each policy associated with the collector, you must re-enter all credentials and re-enable the policy.
- Click OK to proceed and download the registration file to your local system.
- Copy the
<collectorname>.jsonfile to a temporary location on the collector server. - Execute reconfigureDC.bat/sh <registration file path>.