In order for Sentinel to retrieve and process the integration events for alerting and dashboarding, Sentinel requires an integration system user setup with the correct permissions. This article will outline the necessary permissions and the process for creating the user. The process in Workday should not take longer than 5 minutes.
Necessary security permissions:
Create Security Group (ISSG)
- Create a Integration System Security Group by searching for "Create Security Group"
- Select Integration System Security Group (Unconstrained)
- Provide a name to the integration security group such as "ISSG Sentinel"
- Click Ok to save
- Click the disclosure button and find the Security Group -> Maintain Domain Permissions for Security Group menu item
- Add the two Domain Security Policies listed above for GET access
- Finally activate the security group changes by searching for the Activate Pending Security Policy Changes screen.
- Add a note to indicate what changes is being activated
- A confirmation page will appear with a check box. Click that box and click Ok.
Create Integration System User (ISU)
- Create an integration system user by searching for "Create Integration System User"
- Enter a suitable username such as "ISU Sentinel"
- Provide a suitable strong password for the user. Be sure to follow all of the password rules for complexity
- Click OK
Associate ISU with ISSG
- Search for Security group by searching for "View Security Group" and searching for the name of the group created earlier
- Select the disclosure button and click on Integration System Security -> Edit
- Add the ISU created earlier into the integration system users control.
- Click OK to save.