Defining Custom Properties to Apply to SharePoint Sites
For SharePoint Server farms that are subscribed to the Managed Metadata Service Application, ControlPoint Application Administrators can use Managed Metadata to define "Custom Properties" which can be applied to SharePoint sites via the ControlPoint Set Site Properties action. Unlike SharePoint, which allows Managed Metadata to be applied only to a list column, ControlPoint allows you to" tag" a site with Managed Metadata, for use as parameters in ControlPoint Advanced Searches.
NOTE: For Custom Properties to be definable, the Web application that hosts ControlPoint Configuration Site Collection must be associated with the relevant Managed Metadata Service Application(s).
To define Custom Properties:
1Open the Settings page for the ControlPoint Configuration Site's Custom Properties list.
2Under Columns, click Create column.
3Enter a Column name (that is, the name you want to assign to the Custom Property), and for column type, select Managed Metadata.
4For Term Set Settings, either:
§select Use a managed term set, then select the term set you want to use.
OR
§select Customize your term set, then create the term set you want to use.
NOTE: Although list-specific term sets are not available to other lists in the farm when used within SharePoint, term sets created within this list can be used as ControlPoint Custom Properties by all sites throughout the farm.
NOTE: Additional settings, such as Allow multiple values, Allow Fill-in, and Default value are not valid for Custom Properties
5To save the custom property, click [OK].
Custom Properties defined within this list will be available for selection in the Set Site Properties user interface.
NOTE: If you delete a Managed Metadata column from the Custom Properties list, it will no longer be selectable as a Custom Property, and any existing site associations will be lost.
Purging Historical Activity and Storage Data from the ControlPoint Services (xcAdmin) Database
The Purge Historical Data action lets you purge SharePoint activity and storage datawhich is captured by the ControlPoint Discovery process and is used in analyzing historical datafrom the ControlPoint Services (xcAdmin) database.
Data is purged from one farm per operation, and you can specify how many months' worth of data you want to retain.
IMPORTANT: Once data is deleted from the xcAdmin database it cannot be recovered and will no longer be available for inclusion in future ControlPoint activity and storage analyses. Therefore, it is recommended that you back up the database before performing this operation.
To purge activity and storage data:
1From the Manage ControlPoint panel, choose ControlPoint Management > Purge Historical Data.
2Select the Farm from which you want to purge historical data.
3Enter the Number of Number of months to keep historical activity and storage data for.
CAUTION: If you enter 0, all historical activity and storage data will be deleted from the database.
Now you can:
·run the action immediately (by clicking [Run Now]),
OR
·schedule the action to run at a later time
OR
create an xml file with instructions for the action that can be run at a later time (by clicking [Save Instructions]). See "Saving, Modifying and Running XML Instructions for a ControlPoint Operation" in the ControlPoint User's Guide.
If you chose the Run Now, option, after the action has been processed:
·a confirmation message displays at the top of the page, and
·a ControlPoint Task Audit is generated for the action and displays in the Results section.
If you schedule the action, a link to the Task Audit is included in the scheduled action notification email.
See also "The ControlPoint Task Audit" in the ControlPoint User Guide.
Enabling Server Details to Display in the SharePoint Summary Report
If you want to be able to include details about servers in your SharePoint farm in the SharePoint Summary report, the ControlPoint Service account must have permissions to request status information from each server that you want to include.
NOTE: Because the reporting of server details is a time-consuming process, it is an optional parameter in the SharePoint Summary Report user interface.
To ensure that the ControlPoint Service account has permissions to request server information, verify that:
·the ControlPoint Service account is a member of the local Administrators group on the target server
·the local Administrators group has "Remote Enable" Permissions for WMI on the target server
·remote WMI requests can be made on the target server.
Ensuring the Local Administrators Group has Remote Enable Permissions for WMI
NOTE: Remote Enable permissions is granted to the Local Administrators group by default.
1From the server whose statistics you want to display, choose All Program > Administrative Tools > Computer Management.
2Expand the Services and Applications node.
3Select WMI Control, right-click, and choose Properties.
4Click the Security tab.
5Click [Security].
6Make sure Remote Enable is allowed for the local Administrators group.
7If the target server is running Windows Firewall (a.k.a Internet Connection Firewall), run the following from the command prompt to allow remote WMI requests:
netsh firewall set service RemoteAdmin enable
Preparing Your Environment for Using ControlPoint Sentinel
If you want to use ControlPoint Sentinel for anomalous activity detention, you must prepare your environment so that data collection can begin.
A.SharePoint auditing must be enabled on all site collections for which Anomalous Activity detection will be performed.
B.Anomalous Activity Detection must be enabled to run:
§via the Anomalous Activity timer job
OR
§as part of the ControlPoint Scheduled Job Review.
Enabling SharePoint Auditing
ControlPoint Sentinel analyzes the following SharePoint audit log events for Anomalous Activity Detection:
·Editing items
·Deleting or restoring items
·Opening or downloading documents, viewing items in lists, or viewing item properties.
You can enable these settings for individual site collections from within SharePoint or, for a larger scope, using the ControlPoint Manage Audit Settings action.
Enabling the Anomalous Activity Detection Job
1From SharePoint Central Administration, select Monitoring, then choose Timer Jobs > Review job definitions.
2Select ControlPoint Anomalous Activity Detection Job.
By default, the job is scheduled to run daily, at 5:00 am (local server time). You may however, change the schedule to run more frequently. Note that, the more frequently the job is run, the sooner an alert may be generated when an Anomalous Activity Limit is reached.
3Click [Enable].
Enabling Anomalous Activity Detection via the ControlPoint Scheduled Job Review
As an alternative to using the Anomalous Activity Detection Job, you can choose to have anomalous activity detection performed as part of the ControlPoint Scheduled Job Review (which, by default, runs every 10 minutes). ControlPoint Application Administrators can enable this option by changing the ControlPoint Configuration Setting Enable Options That Require Anomalous Activity Detection from False to True.
