Sentrigo Hedgehog…

During OpenWorld this year I bumped into a guy called Slavik Markovich from Sentrigo. We chatted about a couple of things and he gave me his card. That’s when I realized Sentrigo were the company who’d been advertising quite heavily through Google Ads on many Oracle sites, including my own.

I’m not really into reviewing products unless they really jump out at me, but Slavik seemed like a nice guy so I thought I’d take a look at what Sentrigo were doing. After returning to the UK I downloaded their Hedgehog product, but never got round to using it. The website says,

“Hedgehog: Real-time database monitoring, auditing and breach prevention”

Since then I’ve had a number of phone calls from their marketing department asking how I got on with the product, to which I’ve been replying, “I haven’t installed it yet.” πŸ™‚

Well, today I finally got round to installing the Enterprise Product on an Oracle Enterprise Linux (OEL) 5 virtual machine running an 11g database. You have to install a server package, plus a sensor for each host you want to monitor. As this was only a test I installed the server and sensor packages on the same VM as my database. The installations went smoothly. All you have to do is execute a “.bin” file for each package.

Once the installation was complete I hit my first minor issue. How do you get into the product?

The installation didn’t give me any clue about the command or URL I should use to access the product. I did a search on the OS using “find / -name sentrigo” and found a directory called “/usr/local/sentrigo-server”, so I figured that was a place to start. A quick look in the “conf/server.xml” file told me port 8080 was used for non-SSL connections, so I pointed my browser at “http://oel5-11g.localdomain:8080” and I had a log in screen. Later I noticed the help text that comes with the product contained the default URL information, but as this is only available once you’ve logged in, including it in the installation output would have been a nice touch.

That’s when I hit my second minor issue. What do you log in as?

I tried admin/admin and got in. πŸ™‚ The help text (available after you’ve logged in πŸ˜‰ ) suggests you use the username/password entered during the installation. I assume the Windows installation includes this, but the Linux one certainly doesn’t. Once again, a message in the installation output telling you the default login credentials would have been nice. Either that, or put a link the help from the login screen.

So, what does it do?

The product contains a whole bunch of predefined rules for situations that Sentrigo believe represent a risk to your database. It also allows you to define your own rules using a rules wizard. For example, you may create a simple rule that says if the terminal accessing the database doesn’t equal “X”, this constitutes a breach. The rules can be as simple or complicated as you wish. The server then monitors your databases via the sensors and logs alerts when any of the rules have been broken. You can view the alerts through the server application, or have them emailed to you.

What do I think of it?

That’s a little difficult because I couldn’t get it to monitor my database (see update at bottom of post). The server was running fine. The sensor was running fine. The database connection information was fine. Even so, the database remained in the “Unmonitored” state. I tried the Standard Product also, but got the same result. Even so, I will make a few comments from my very limited use of the product:

  • It’s a neat idea.
  • It looks really nice.
  • The response to action buttons was not always clear. You hit the save button on some screens and nothing seems to happen. There is no alteration to the screen or message to say your changes have been saved. A few times I found myself clicking the Save button several times not knowing if the changes had taken effect. It may sound a little basic, but a “Your changes have been saved” message is sometimes quite useful, if a little ugly.
  • I have no idea why my database wasn’t monitored. At the time of writing the Supported Configurations and FAQ pages on the website were not available and I could see nothing in the help file. It might be as simple as 11g is not supported or a problem with my VM, but I have no evidence for either of these (see update at bottom of post).
  • It would be nice if the installation listed the URLs to access the product and the default login credentials somewhere near the bottom of the output. Maybe the default URLs and login details are available on the website normally, but they weren’t today.

It would be good to see a review of this product by an expert in the security field, like Pete Finnigan. It would also be nice to see some comparison between this product and the notification rules of Oracle Enterprise Manager Grid Control, but I don’t think I’m really the guy to do this.

I guess it would also be nice to see a working version of the product, but I don’t know if I’m going to spend any more time on this in the near future. I’m already in the weeds and this isn’t really top of my list. I might just look out for the Sentrigo stand at OpenWorld next year. πŸ™‚

Cheers

Tim…

Update: I had a message from Slavik telling me that 11g on Linux is not supported, so my problems weren’t a reflection of problems in the product. Currently only 11g on Windows 32-bit is supported, but the next version will sort this. As I said before, I’m not sure when I’ll have the time to revisit this product, but it does look neat.

Author: Tim...

DBA, Developer, Author, Trainer.

7 thoughts on “Sentrigo Hedgehog…”

  1. Tim – many thanks for taking the time to download and try Hedgehog.

    The main reason you did not manage to monitor the database is that presently Hedgehog supports 11g on Windows 32bit only. We’ll support 11g on Linux in the upcoming release. Hedgehog does alert you that the particular version is not supported (and your experience tells me that the message is not highlighted enough – will be fixed!). Same goes to the server URL -by the way – we do show a message on the screen at the end of the install but your experience tells me that it is easy to miss and we will think of ways to have this information readily available in other places.
    I am truly sorry that you did not enjoy the full Hedgehog experience, and I really hope that you will have the opportunity to see it in action, once you have some more free time.

  2. Nigel: I guess Pete having a “vested” interest might unnerve some people, but I trust him to give an honest appraisal.

    Slavik: Thanks for the update. I’ve made a couple of amendments to the article to explain why I had problems.

    I checked through the installation again and I couldn’t see an error message or warning about not supporting the version. I guess I’m just not looking in the correct place. There is also nothing shown on the console. As you say, I think you definitely need to highlight this more to stop numpties like me getting confused. πŸ™‚

    Whilst checking the installation test I also couldn’t find the URL. All I get is:

    Extracting rpm: sentrigo-server-jre-1.2.1-5464.i586.rpm ...
    Checksumming...
    Installing rpm file...
    Preparing...                ########################################### [100%]
       1:sentrigo-server        ########################################### [100%]
    Unpacking JAR files.....
    .........................
    .........................
    .........................
    .........................
    .........................
    ........
    #

    and:

    # rpm -Uvh sentrigo-sensor-1.2.1-2839.i386.rpm
    Preparing...                ########################################### [100%]
       1:sentrigo-sensor        ########################################### [100%]
    #

    I did enjoy using the product. I think it’s really neat. The usability things I mentioned are not show-stoppers, just things that jumped out at me. Someone else might have a completely different opinion. There’s nothing to say I’m correct. πŸ™‚

    Cheers

    Tim…

  3. Hi Tim,

    To see the error message, please take a look at the upper right corner blinking hedgehog with “Severe Messages” link. I’ve just tried this and the error message I received reads: “A severe sensor error occurred. Please contact Sentrigo support : Oracle Major version not supported”.

    About the rpm installation, you’re right. We’ll fix in our next version.

    Thanks,
    Slavik

  4. Hi.

    That’s strange. I didn’t get that message. I only got the messages telling me to change my admin password and to set the email details. I’m not going to pursue this since it’s not supported anyway. πŸ™‚

    If I have time I’ll try a reinstall against 10g and have a play.

    Thanks for your help.

    Cheers

    Tim…

  5. Hi Tim and Nigel,

    Sorry for the delayed comment here. I saw this post a few weeks ago and I have had it in my mind to comment but lack of time prevented it. I will do a review of Hedgehog and post it to my website but to do it properly and write it up I need to allocate some time. I have done just that now and will aim to get a review out by the 21st of March. I can understand Nigel’s comment about my neutrallity and I also thank Tim’s view of his trust in me. For those reasons, of course the review will be suitably caveated to show exactly where I stand in relationship to Sentrigo so that there is no mistakes. Also I am going to approach it from the view point of “why did I choose to work with Sentrigo’s Hedgehog” – its my opinion, my views of the product, with this angle I hope everyone will accept it with the spirit its intended.

    cheers

    Pete

Comments are closed.