Configure Event Management domain separation
You can configure Event Management for domain separation to create logically defined domains that limit unauthorized access to data. When domains are separated in Event Management, users can only see and manage alerts and events in their own (tenant) domain.
Before you begin
About this task
The following Event Management features have limited domain separation support.
| Feature | Support |
|---|---|
| Event – alert flow | Supported. Separation is based on the domain user that sent events. User access is required for the credentials of the sending API events or in the configuration of the MID Server reporting events. In a multi-domain environment, each MID Server can serve only one domain according to the integration user that it uses. In the configuration of the connector instance, make sure that the MID Server have same domain as Connector instance. To configure pull connectors to support custom domain separation, see Personalize domains for pull connector events to use in event creation. |
| Impact calculation | Supported. Segregation is based on the manner in which CIs are segregated. |
| Application services | Partially supported. Segregation is based on the manner in which CIs are segregated. |
| Dynamic CI groups | Partially supported. Segregation is based on the manner in which CIs are segregated. Note: The discovery process does not segregate CIs by domain. |
| Remediation | Supported. While editing alert management rules, users can only apply relevant workflows. For more information on domain separation in the Flow Designer, see Domain separation and Flow Designer. |
| Alert Aggregation | Supported. In domain-separated environments, alert groups are created only for alerts in the same domain. |
Procedure
- If it is not already active, activate the Domain Support – Domain Extension Installer plugin.
- Configure the connector instance to be in the same domain as the MID Server.