Collectors normalize and collect the information from the Connectors. Collectors are written in JavaScript, and they define the logic for the following:
Receiving raw data from the Connectors.
Parsing and normalizing the data.
Applying repeatable logic to the data.
Translating device‐specific data into Sentinel specific data.
Formatting the events.
Passing the normalized, parsed, and formatted data to the Collector Manager.
You can download Collectors from the NetIQ Sentinel Plug-ins website.
If you are upgrading from a previous version of Sentinel, you need to ensure you have the most recent Collectors installed. Older versions of Collectors will not be able to route events to the Collector properly and events are handled by the Generic Event Collector.
Collectors that have not yet been updated with Agent Manager application tags are still compatible with Agent Manager data collection. You can use the Agent Manager event source server advanced configuration to define a custom application tag to route Agent Manager events to the proper Collector.
The following list describes the source for the application tag included in each event.
WMS connection method application tag is defined by the event Source. For example, “Event.System.Provider Name” in the XML view.
FILE connection method application tag is defined in the Application Log provider configuration.