Integrate > SA-HPELN integration > Setting up your integration

Setting up your integration

This section describes how to configure the LNc, as well as its Services and Streams. It also describes how to verify whether content was downloaded and where the LNc log file is located.

Configuring the Live Network connector

This topic describes how to configure the LNc to connect to the HPE Live Network.

  1. Add the following to your PATH variable:

    • <install_directory>/lnc/bin

      For example:

      export PATH=$PATH:<install_directory>/lnc/bin

  2. Open a command prompt on the computer where the LNc is installed.

  3. To set the user name and password, enter the following command:

    live-network-connector write-config --username=<username>--password=<password>

    The --username and --password commands can also be run separately.

    Note Manual editing of any LNc configuration file is not supported and could lead to corruption or lost settings. Use the write-config command instead.

  4. To check the URL that the LNc connects to in order to download content, execute the following command: live-network-connector read-config --url

    The output should display the following URL:

    https://hpln.glb.itcs.hp.com

  5. (Optional) If you need to use a proxy server to access the HPE Live Network, run the following command:

    live-network-connector write-config --http-proxy=<HTTP_PROXY> --http-proxy-user=<HTTP_PROXY_USER> --http-proxy-pass=<HTTP_PROXY_PASS>

    The --http-proxy, --http-proxy-user, and --http-proxy-pass commands can also be run separately.

  6. The default path to the LNc log file is:

    • <install_directory>/lnc/log/live-network-connector.log

  7. The default path to the LNc cache directory is

    • <install_directory>/lnc/cache

    • (Optional) You can change this value, but be aware that doing so can potentially cause the redownload and re-import of previously obtained content, so use with caution. To change this default value, execute the following command on the system where the LNc is installed:

      live-network-connector write-config --cache=<PATH>

  8. The default path to the LNc lock file is:

    • <install_directory>/lnc/live-network-connector.lock

  9. To configure the LNc for a specific product, specify it by using --product.

    To see a list of supported product values, including the long product name, you can run the following command: live-network-connector list-products

    This provides a listing of currently supported products, which should be used in the next configuration step.

    For example, to configure your LNc installation to support Server Automation (sas), execute the following command on the system where the LNc is installed:

    live-network-connector write-config --product=sas

    Important To enable multiple products, a single write-config command must be executed with a --product for each product. Note that subsequent write-config commands will overwrite the previous values.

    • Manual editing of any LNc configuration file is not supported and could lead to corruption or lost settings. Use the write-config command instead.
    • Depending on the products enabled, some additional settings are required. For more information, see the product documentation or the product admin.

  10. Once the product has been configured, you can see a list of available content (streams) for the selected product, run the list-streams command.

    For example: live-network-connector list-streams

    Note If no streams are returned, ensure that you have configured the system for a specific product.

  11. Perform any additional queries against those streams as desired (such as through the describe command).

    For example:

    live-network-connector write-config --stream=content.ms_patch_supp

  12. To set the values of username (sas_user) and password (sas_pass) of the SA user account used to access SA, run the following command: 

    live-network-connector write-config
    --setting=sas.sas_user=<sa_username>
    --setting=sas.sas_pass=<sa_userpassword> --add

  13. To set the values of cbt_path and cbt_config_path to the path for the CBT executable and CBT configuration file, run the following command:

    live-network-connector write-config
    --setting=sas.cbt_path=<cbt_pathname>
    --setting=sas.cbt_config_path=<cbt_config_pathname> --add

Configuring the content and security streams

Each stream in a service must be enabled in the LNc configuration using the live-network-connector command followed by write-config plus the specific parameters for each stream. A stream is activated when you set its value to 1.

For example, to activate the stream, enter the following command from a shell on the server where the LNc is installed:

live-network-connector write-config --stream=security.cc_library --enable

The LNc must be installed on the server the SA software repository component is installed on. The LNc must be configured as described in Configuring_the_Live_Network_connector.

Note If you run the live-network-connector write-config command and you receive a message that the configuration parameter does not exist, append the --add option to the command. Manual editing of any LNc configuration file is not supported and could lead to corruption or lost settings. Use the write-config command instead.

Configuring the Microsoft patch supplement stream

To configure the LNc to activate the Microsoft Patch Supplement stream:

  1. On the system where the LNc is installed, run the following command to enable the Microsoft Patch Supplement stream:

    live-network-connector write-config --stream=content.ms_patch_supp --enable

  2. (Optional) To disable the Microsoft Patch Supplement stream, run the command using the -- disable command:

    live-network-connector write-config --stream=content.ms_patch_supp --disable

  3. (Optional) To enable the Microsoft Patch Supplement stream to overwrite the metadata when the content is imported into SA, set the sas.force_win_patch_import parameter.

    For example, to enable the option, run the following command:

    live-network-connector write-config --setting=
    sas.force_win_patch_import=1 --add

  4. (Optional) To disable this option, run the following command:

    live-network-connector write-config --setting=
    sas.force_win_patch_import=0 --add

  5. Enter the following command to launch the LNc:

    live-network-connector

Configuring the software discovery stream

To configure the LNc to activate the SA software discovery stream:

  1. On the system where the LNc is installed, run the following command to enable the software discovery stream:

    live-network-connector write-config
    --stream=content.software_discovery --enable

  2. (Optional) To disable the software discovery stream, run the command using the --disable option:

    live-network-connector write-config
    --stream=content.software_discovery --disable

  3. Enter the following command to launch the LNc:

    live-network-connector

Configuring the SA DMA stream

To configure the LNc to activate the sa_dma stream:

  1. On the system where the LNc is installed, run the following command to enable the sa_dma stream:

    live-network-connector write-config --stream=content.sa_dma --enable

  2. (Optional) To disable the sa_dma stream, run the command using the --disable option:

    live-network-connector write-config --stream=content.sa_dma --disable

  3. Enter the following command to launch the LNc:

    live-network-connector

Configuring the content operating system platform family streams

To configure the LNc to activate the platform streams (Linux, Unix, Windows and VMware):

  1. On the system where the LNc is installed, run the following command to enable the platform_<family_platform_type> stream:

    live-network-connector write-config --stream=content.platform_<family_platform_type> --enable

  2. (Optional) To disable the platform_<family_platform_type> stream, run the command using the --disable option:

    live-network-connector write-config --stream=content.platform_<family_platform_type> --disable

  3. Enter the following command to launch the LNc:

    live-network-connector

Configuring the Solaris patch supplement stream

As a prerequisite for downloading this content, solpatch_import.conf file from: /etc/opt/opsware/solpatch_import/ should be edited (values for sa user/password, download user/password, proxy host and fujitsu_download_user/pass should be added).

Using the solpatch_import.conf, a db should be created.

To configure the LNc to activate the solaris_patching stream, perform the following steps:

  1. On the system where the LNc is installed, run the following command to enable the solaris_patching stream:

    live-network-connector write-config --stream=content.solaris_patching --enable

  2. (Optional) To disable the solaris_patching stream, run the command using the --disable option:

    live-network-connector write-config --stream=content.solaris_patching --disable

  3. Enter the following command to launch the LNc:

    live-network-connector

Configuring the security scanner stream

To configure the LNc to activate the security_scanner stream, perform the following steps:

  1. On the system where the LNc is installed, run the following command to enable the security_ scanner stream:

    live-network-connector write-config
    --stream=security.security_scanner --enable

  2. (Optional) To disable the security_scanner stream, run the command using the --disable option: 

    live-network-connector write-config
    --stream=security.security_scanner --disable

  3. Enter the following command to launch the LNc:

    live-network-connector

Configuring SA vulnerability content streams

To configure the LNc to activate the SA vulnerability content streams, perform the following steps:

  1. Log in to the system where the LNc is installed.

  2. From the command line, set specific LNc configuration parameters to 1 in order to activate each SA vulnerability content stream you want to receive updates from.

    For example, if you have subscribed to vulnerability content for SA, run the following command:

    live-network-connector write-config --stream=security.vc_winxp
    --stream=security.vc_win2k3 --stream=security.vc_rhel3
    --stream=security.vc_hpux11 --enable

  3. (Optional) To disable a stream, execute the command using the --disable option:

    live-network-connector write-config --stream=security.vc_winxp
    --stream=security.vc_win2k3 --stream=security.vc_rhel3
    --stream=security.vc_hpux11 --disable

Configuring SA compliance content streams

The security.cc_library stream is a prerequisite stream that enables all SA compliance streams, and should be run at least once on each SA system you want to download content onto. Each time you want to import new content from the HPELN, this stream should be enabled.

To configure the LNc to activate the SA compliance content streams, perform the following steps:

  1. Log into the system where the LNc is installed.

  2. From the command line, set specific LNc configuration parameters to 1 in order to activate each SA compliance content stream you want to receive updates from.

    For example, to enable compliance content for SA Audit and Remediation, run the following command:

    live-network-connector write-config —stream=security.cc_library
    --stream=security.ec_disa_stig --enable

  3. (Optional) To disable a stream, run the command using the --disable option:

    live-network-connector write-config —stream=security.cc_library
    --stream=security.ec_disa_stig --disable

Send Help Center feedback