Event Management Agent

An Event Management Agent is required to configure event brokers and discover runtime data using Event Portal. Event Management Agents have the following deployment options:

Event Management Agents support connections to PubSub+ Cloud event broker services, Solace software event brokers and appliances, and Kafka clusters and Confluent schema registries.

Cloud-Based Event Management Agent in Public Regions

The Solace-managed, cloud-based Event Management Agent connects all of your event broker services in aPublic Region to Event Portal. For event broker services in a Public Region in the same PubSub+ Cloud account, the connection is set up automatically in your account when you add an event broker service to a modeled event mesh. You don't need to take extra steps to enable it.

You must keep basic authentication for management access enabled on your event broker service to connect an event broker service with Event Portal using the cloud-based Event Management Agent.

In the following architecture diagram, the red box highlights the Event Management Agent:

Diagram of the Cloud architecture that highlights the Event Management Agent in the cloud.

The security measures applied in this scenario include:

  • The Event Management Agent connects only to the event broker services specified in a modeled event mesh in Event Portal.

  • Event Portal authenticates all operation requests, which prevents unauthorized users and any other organization sharing the datacenter from performing operations on your event broker service.

  • Connections with the Event Management Agent use TLS.

  • The Event Management Agent never stores configuration details or credentials.

Cloud-Based Event Management Agent in Dedicated and Customer-Controlled Regions

The Solace-managed, cloud-based Event Management Agent connects all event broker services in a single datacenter to Event Portal. For event broker services in Dedicated Regions or Customer-Controlled Regions in the same PubSub+ Cloud account, you enable one cloud-based Event Management Agent for all event broker services in a datacenter. For more information, see Connecting Event Broker Services to Event Portal With a PubSub+ Cloud Connection.

You must keep basic authentication for management access enabled on your event broker service to connect an event broker service with Event Portal using the cloud-based Event Management Agent.

We recommend using the cloud-based Event Management Agent to connect your event broker services to Event Portal in all situations where it is supported, unless:

  • Your organization's security policies don't allow you to connect your operational event broker services to Event Portal.

  • You want to redact sensitive data from scan files before manually uploading the data to Event Portal.

In the following architecture diagram, the red box highlights the Event Management Agent:

Diagram of the Cloud architecture that highlights the Event Management Agent in the cloud.

The security measures applied in this scenario include:

  • The Event Management Agent connects only to the event broker services in your datacenter.

  • The Event Management Agent never stores configuration details or credentials.

Cloud-Based Event Management Agent Communication with PubSub+ Cloud

Customer-Controlled Region customers must ensure their networks meet connectivity requirements, including allowing communication over port 55443 to specific hosts and IP addresses as listed in the Connectivity Model for Kubernetes Deployments.

Event Management Agents in Connected Mode

In connected mode, you install Event Management Agents within your own network. For more information, see Setting Up a Connected Event Management Agent.

We recommend connected mode in these use-cases:

  • Your event broker services are managed in a different PubSub+ Cloud account.

  • You want to connect a Solaceappliance or software event broker to Event Portal.

  • You want to audit Kafka clusters and Confluent schema registries.

In the following architecture diagram, the red box highlights the Event Management Agent:

Diagram of the Cloud architecture that highlights the Event Management Agent in Scan from Event Portal mode

The security measures applied in this scenario include:

  • The Event Management Agent must authenticate with the event brokers it connects to so it can securely exchange information.

  • Authentication credentials are retrieved on a per-connection basis, and are not stored in the Event Management Agent.

  • Communication between the Event Management Agent, Event Portal, and your event brokers occurs over secured connections.

Event Management Agents in Offline Mode

Event Management Agents in Upload Scan File Mode

In offline mode, you install Event Management Agents within your own network. For more information, see Setting Up an Offline Event Management Agent.

We recommend offline mode in these use-cases:

  • Your organization's security policies don't allow you to connect your operational event brokers to Event Portal. For example, your event brokers are not connected to the internet.

  • You want to redact sensitive data from scan files before manually uploading the data to Event Portal.

Offline mode requires two Event Management Agents:

  • An Event Management Agent to communicate with Event Portal.

  • An Event Management Agent to communicate with your event brokers.

In the following architecture diagram, the red box highlights the Event Management Agents.

Diagram of the Cloud architecture that highlights the Event Management Agent in Upload Scan file Mode

The security measures applied in this scenario include:

  • There is no direct connection between PubSub+ Cloud and your event brokers.

  • Offline mode does not allow you to send event broker configuration from Event Portal to operational event brokers.