Event Notification Engine (2024)

The Event Notification Engine (ENE) sends email notifications about Privileged Access Security solution activities automatically to predefined users. It is installed automatically as part of the Vault server installation as a service.

Enable the ENE

After installing the Vault, you must enable the ENE in order to receive email notifications about Vault activities.

After the ENE has been configured, the ENE setup wizard will only be enabled if the SMTP address is set to 1.1.1.1. To rerun the ENE setup wizard, in the Notification Settings page, set the SMTP address to 1.1.1.1 then re-invoke the ENE setup wizard.

Before enabling the ENE

  1. Log on to the PrivateArk Administrative Client as an administrator user.

  2. Make sure that the business email address of the user who will issue ENE notifications is specified in their user properties. This user must belong to the Vault Admins group. By default, this is the Administrator user.

Enable the ENE

The ENE is installed as part of the Vault server installation as a service called CyberArk Event Notification Engine. After Vault server installation or upgrade, do the following to enable the service:

  1. Log on to the PVWA as an administrator user. Make sure that this user belongs to the Vault Admins group so that you have the required permissions to enable ENE notifications.

  2. Enable the Event Notification Engine:

    1. In the System Configuration page, click Setup Wizard.

      The Setup Configuration wizard displays the Vault setup page.

    2. Select Email notifications, then click Next; the Configuration page appears.

    3. In the Setup Event Notification Engine area, specify the following details:
      • SMTP address – The IP address of the SMTP server. You can specify multiple IP addresses for high availability implementations. Separate multiple IP addresses with commas.

      • Sender Email – The mail address that will appear as the notification sender.

    4. In the Advanced Settings area, specify the following optional details:
      • Sender DisplayName – The name that will appear as the sender’s name.

      • SMTP Port – The port through which the ENE will send notifications.

      • Recipients Domain – The name of the domain where the recipient’s email account exists.

      • CA-PVWABaseURL – The URL of the machine where the PVWA is installed (e.g. https://www.myserver.com)

    5. Click Finish; the initial ENE configuration is saved and the Email notification setup message appears.

    6. Click Yes; a test email is sent to the members of the Vault Admins group.

Authenticated and encrypted email notifications

Configure authenticated email notifications

After you have configured encryption for email notifications, you can add an additional level of security by configuring authentication too.

  1. In the NotificationEngine Safe, create an account that will authenticate to your mail server. Make sure this account has permission to send from the mailbox specified in the Mail parameter.

  2. In Administration > Notification Settings, expand EventNotificationEngineSendMethod > SendMethod > Security and set the following parameter:

    Parameter – Value
    • SMTPAccountName – The name of the account you created in step 1 and stored in the NotificationEngine Safe. Note: This is not the username.

Configure encrypted email notifications

  1. In the SMTP server, export the trusted root certificate that issued the SMTP server’s TLS certificate in Base-64 encoded X.509 format.

  2. Copy the exported certificate to the ENE server (which is also the Vault server).

  3. In Administration > Notification Settings, expand EventNotificationEngineSendMethod > SendMethod > Security and set the following parameters:

    Parameter – Value
    • EnableTLS – Yes
    • TLSRootCertificatePath – The location of the certificate you stored on the ENE/Vault server in step 2.

  4. In Administration > Notification Settings, expand EventNotificationEngineSendMethod > SendMethod > Servers > Server and set the following parameters:

    Parameter – Value
    • CertificateAlias – The value that appears in the “Issued to:” field in the SMTP server’s TLS certificate.
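
The settings from the two procedures above can be checked for consistency before relying on them. The following Python sketch is an added example, not CyberArk code: it takes the values as a hand-transcribed dictionary (the SMTPAddress key name is an assumption; the other keys are the parameter names above) and checks only the Base-64 armor of the certificate file, not the certificate itself.

```python
import ipaddress
import ssl
from pathlib import Path

PLACEHOLDER = "1.1.1.1"  # value the page says re-enables the ENE setup wizard


def lint_ene_mail_settings(s):
    """Return a list of findings for a dict of ENE send-method settings."""
    findings = []

    # "SMTPAddress" is an assumed key for the wizard's "SMTP address" field:
    # comma-separated IP addresses (several for high availability).
    raw = [a.strip() for a in s.get("SMTPAddress", "").split(",") if a.strip()]
    if not raw:
        findings.append("SMTP address is empty")
    for addr in raw:
        try:
            ipaddress.ip_address(addr)
        except ValueError:
            findings.append(f"SMTP address entry {addr!r} is not an IP address")
        if addr == PLACEHOLDER:
            findings.append("SMTP address is still the 1.1.1.1 setup-wizard placeholder")

    if s.get("EnableTLS", "").strip().lower() != "yes":
        findings.append("EnableTLS is not Yes: encrypted notifications are not configured")
        # The page configures authentication only after encryption.
        if s.get("SMTPAccountName"):
            findings.append("SMTPAccountName is set without TLS: configure encryption first")
    else:
        path = s.get("TLSRootCertificatePath", "")
        try:
            # Raises ValueError unless the text has Base-64 (PEM) certificate armor;
            # a binary DER export fails the ASCII decode, also a ValueError.
            ssl.PEM_cert_to_DER_cert(Path(path).read_text(encoding="ascii"))
        except (OSError, ValueError):
            findings.append("TLSRootCertificatePath is not a readable Base-64 X.509 file")
        if not s.get("CertificateAlias"):
            findings.append("CertificateAlias is empty: it must match the 'Issued to' field")
    return findings
```

An empty list means the transcribed values are mutually consistent; it does not prove that the SMTP server's certificate actually chains to the exported root.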

Logs

In order to monitor ENE activity and status, the following log files are created in the Event Notification Engine installation folder:

ENEConsole.log

This file contains informational messages and errors that relate to ENE operation. This log is meant for the system administrator who needs to monitor the status of the ENE.

ENETrace.log

This file contains errors and trace messages that can be used for troubleshooting. The types of messages that are included depend on the debug levels that are specified in the EventNotificationEngine.ini configuration file.

Parameters

Parameter – Defines ...
• ControllerDebugLevel – The controller debug level.
• CollectorDebugLevel – The collector debug level.
• ParserDebugLevel – The parser debug level.
• SMTPSenderDebugLevel – The SMTP sender debug level.

Trace levels

The amount of information written in the ENETrace.log is determined by the following trace levels:

Trace level – Indicates
• 1 – Only exceptions will be written in the trace log.
• 2 – Trace messages will be written in the trace log.
• 3 – Vault connectivity errors will be written in the trace log. This trace level is only available for the ControllerDebugLevel parameter.
• 4 – Vault connectivity debug and activity logging will be written in the trace log. This trace level is only available for the ControllerDebugLevel parameter.

New log files

New log files are created in either of the following scenarios:

Scenario – Description
• Each time the ENE is started – New log files are created each time the ENE is started. When the ENE stops running, the log files are timestamped and stored in the ‘Event Notification Engine\Logs\Old’ folder so that they do not overwrite existing log files.
• When the log files reach 50 MB – When the log files reach 50 MB, they are timestamped and stored in the ‘Event Notification Engine\Logs\Old’ folder and new log files are created.

Record ENE activities in the Event Viewer

In addition to the above log files, the Event log records activities that are performed by the ENE until the EventNotificationEngine parameters are retrieved from the Vault and the log files are created according to the specified parameters. This enables users to track all the activities carried out by the ENE from the moment it starts working.

In order to identify ENE components that performed activities, the following prefix is added to messages in the Event log:

Cyber-Ark ENE
Author: Msgr. Refugio Daniel
