Setting up notifications and logging

The following high-level procedure outlines the configuration requirements for enabling logging and notification for certificate management and SSH worfklows.

To set up notifications and logging

  1. Configure the Venafi Log server.

    For further information on the Log server configuration, see Managing the log server.

  2. Configure the Default SQL Channel object.

    The Default SQL Channel is created during installation as a table in the Trust Protection Platform database. If you choose to use a database other than the Trust Protection Platform database as the Default SQL Channel, you must configure the associated database and table structure. You must also provide the new database connection settings in the Default SQL Channel object and reconfigure the Default Channel definition in the Log Server object. For more information on these configurations, see Updating the SQL Server channel object.

  3. Configure the default SMTP options in the root Channel object in the Logging tree.

    For information on these settings, see Setting up notification channels.

  4. Configure the target Channel objects to which you want to forward your notification events.

    You can define your own Channel objects or use the default Channel objects provided in the Channels folder. The following table provides a description of just a few of the default Channel objects that are relevant to expiration notifications:

    Default Channel Objects

    Default Channel Object

    Description

    Email to Consumer (SMTP)

    Emails a notification message to the contacts assigned to the applications that consume the target certificate.

    This channel is used to provide notification for certificate expiration events.

    Email to Owner (SMTP)

    Emails a notification message to the certificate contacts.

    This channel is used provide notification for certificate expiration events.

    Email to Parent (SMTP)

    Emails a notification message to the contacts assigned to the target certificate’s parent object.

    This channel is used to provide notification for certificate expiration and Discovery survey events.

    Email to Ticket Approver (SMTP)

    Emails an approval request to a workflow ticket approver.

    This channel provides workflow approval request notifications.

    For information on Channel object configuration, see Setting up notification channels.

  5. Configure notification rules to provide notifications for certificate and SSH events.

    For steps on managing notification rules, see Working with notification rules

For an explanation of the notification rule object settings, see Notification object settings.