![]() |
Copyright © TIBCO Software Inc. All Rights Reserved |
All the required configuration parameters for Hawk Console are stored in the hawkconsole.cfg configuration file located at HAWK_HOME/bin.You can register a Hawk domain to the Hawk Console and specify the transport type for the communication. You can either use web interface of Hawk Console or configure the domain and transport configuration file (DomainTransportConfig.yml).For information about how to register a domain to Hawk Console using the web interface, see TIBCO Hawk Console User’s Guide.The domain and transport configuration file (DomainTransportConfig.yml) for Hawk Console contains the parameters to connect to regular and proxy domains.For more information about proxy domains, see TIBCO Hawk Concepts Guide.You can specify the location of the DomainTransportConfig.yml file by using the -domain_config_file option in the Hawk Console configuration file (hawkconsole.cfg). For details on options present in the hawkconsole.cfg file, see Table 13, Hawk Console Configuration Options.In the DomainTransportConfig.yml file you can specify the following elements for the connection:
• domainConfiguration - The parent tag for the domain and transport configurations for Hawk Console.
− regular - For details about fields for the proxy domain type, see Table 10, Configuration Fields in DomainTransportConfig.yml for the Regular Domain Type
− proxy - For details about fields for the proxy domain type, see Table 11, Configuration Fields in DomainTransportConfig.yml for Proxy Domain Type
• domainName - Name of the domain that is to be registered.The following figure shows the hierarchy of the tags that can be defined in the DomainTransportConfig.yml file.
• tibtcp - TCP Transport for TIBCO Hawk
• tibrv - TIBCO Rendezvous Transport
• tibems - TIBCO Enterprise Message Service (EMS) Transport <self IP>:<self port> <cluster manager IP>:<cluster manager port> The default value is TLSv1.2. The default value is TLS_RSA_WITH_AES_128_CBC_SHA. Specify the password for the emsUserName.
• j2se (default) - Use this option when you want to use the default Java Cryptography Extension (JCE) bundled with the Java JRE.
• entrust61 - Use this option when you want to use the Entrust libraries.
• ibm - On non-IBM platforms, this option can be used only if the IBM version of JCE is installed.
<domain IP>:<domain port> <user name>:<encrypted password> Specify the value as true for connecting to the domain using a secure channel. The default value is true.For example, the following is a sample code of the DomainTransportConfig.yml file for a non-secure connection to the default domain using TCP Transport for TIBCO Hawk.
For the file-based authentication, the user details are stored in the hawkconsole-user.cfg file. By default, the configuration file is located at <CONFIG_HOME>/bin. If required, you can configure its location by using the -user_file_store option in the hawkconsole.cfg file.The syntax for a user entry in the hawkconsole-user.cfg file is:<user_name>:<encrypted_password>For more details on user authentication properties, see Table 13, Hawk Console Configuration Options.In the database based authentication, the user names and passwords are stored in the database. Hawk Console supports both in memory database and external database to store authentication details. For more information about configuring an external database in Hawk Console, see Configuring an External Database
1. Add the new user in the users table.
2. Create a mapping in the table user_privilege_mapping.For the LDAP-based authentication, the user details are stored in the hawkconsole.cfg file. By default, the configuration file is located at <CONFIG_HOME>/bin.For selecting LDAP as the user store, modify the hawkconsole.cfg file as follows:
1. Under -M UserAuth, specify LDAP as the user store type:
2. Under -user_store_type ldap, specify the LDAP-based user authentication properties.For more details about user authentication properties that can be specified, see Table 13, Hawk Console Configuration Options.To enable the secure communication, uncomment and configure the following fields in the Hawk Console configuration file (hawkconsole.cfg):
•
•
• Add the appropriate .jar file of the JDBC Driver classes, from the database vendor, to the folder HAWK_HOME/<version>/lib/ext/console-ext.Each section in this configuration file (HAWK_HOME/bin/hawkconsole.cfg) begins with “-M” followed by the module name, such as –M Self. Within each modular section, all the command-line options that can be configured are listed. These options are as follows:
Table 12 Hawk Console Modules and Options -domain_config_file <domain config file path> -server_port <port number> -key_alias <key alias> -key_password <encrypted key password> -key_store <key store file path> -key_store_password <key store password> -protocol <security protocol> -ciphers <cipher name> -subscription_expiry_time <expiry time> -proxy_alert_count_pull_interval <time interval> -proxy_domain_reachability_check_interval <time interval> -datasource_url <Datasource URL> -datasource_drivername <JDBC driver name> -datasource_username <Database user name> -datasource_password <Database password> -datasource_connection_pool_initial_size <Initial number of database connections to be allocated> -datasource_connection_pool_max_idle <Maximum number of idle database connections allowed> -datasource_connection_pool_max_active <Maximum number of active database connections allowed> -retention_count_for_notification <Alert limit for Notification. Default is 100000.> -retention_count_for_high_alerts <Alert limit for High Alerts. Default is 100000.> -retention_count_for_medium_alerts <Alert limit for Medium Alerts. Default is 100000.> -retention_count_for_low_alerts <Alert limit for Low Alerts. Default is 100000.> -repository_path "CONFIG_HOME/hawk/repository" -alert_manager_activity_interval <time interval in milliseconds> -log_dir <directory to store TIBCO Hawk logs> -log_max_size <maximum size of log file> -log_max_num <maximum number of log files> -log_level <required trace level for logs> -log_format <log format> -user_store_type <store type> -user_file_store <path of file store>
Table 13 Hawk Console Configuration Options CONFIG_FOLDER/bin/DomainTransportConfig.yml CONFIG_FOLDER/logs The maximum size of a rotating log files in KB. You can apply a suffix ’m’ or ’M’ for indicating MB values.
• 4 - Indicates error level trace messages should be enabled.
• 6- Indicates warning level trace messages should be enabled.
• 7 - Indicates information level trace messages should be enabled.
• 8 - Indicates debug level trace messages should be enabled.
• 16 - Indicates AMI level trace messages should be enabled.
• A value of -1 turns all tracing on.
• database - In the database based configuration, the user names and passwords are stored in the database.
• file - In the file based configuration, the user names and passwords are stored in a file in the disk. Specify the location of the user authentication file in the -user_file_store property.
• ldap - In the ldap based configuration, the user names and passwords are validated with a LDAP directory server. CONFIG_FOLDER/bin/hawkconsole-users.cfg If -user_store_type is file, specify the path of the file which stores user details for authentication.
![]() |
Copyright © TIBCO Software Inc. All Rights Reserved |