Quick Start Guide: https://www.sentryone.com/help/qs/webframe.html#Introduction.html
User Guide: https://www.sentryone.com/help/ug/#Overview.html
SentryOne Blogs: https://blogs.sentryone.com/
SentryOne Help Center: https://support.sentryone.com/hc/en-us
SentryOne has three components. The client, monitoring service, and the repository. In general, the monitoring service remotely collects data from the target servers, and writes it to the SentryOne repository. The SentyOne client then pulls retained data from the repository.
It is our best practice to have the service account be a domain account. It will require local Windows Admin rights on the Windows level and additionally Sys.admin rights on all SQL server targets you wish to monitor:
SentryOne also needs several ports open in order to collect data from targets servers:
For full access to collected data through the SentryOne client, users simply need db_owner permissions for the SentryOne repository. However, there are ways to restrict visibility and functionality a particular user has in the client.
Rights Based Security: https://www.sentryone.com/help/ug/#SentryOne_Client_Security.html
Role Based Security: https://www.sentryone.com/help/ug/#Role_Based_Security_Overview.html
We recommend that no SentryOne components be installed directly on production servers.
Our recommended best practice is to host the SentryOne repository on its own SQL Server, and each monitoring service on it's own VM. However in smaller environments, with adequate resources, there is no problem hosting a monitoring service on the same server as the SentryOne repository. The client would be installed on a local work station or possibly the monitoring service machines if enough resources are available.
However, if this is not possible a testing or development server that does not have a heavy workload could work as well.
If you plan to host SentryOne in one domain, and monitor targets in another domain, modifications to the implementation may be required. If there is full trust between domains, then modifications may not be necessary. Our two options for cross-domain monitoring are Site Configuration and Pass-Through Authentication. Note, we always recommend Site Configuration, as Pass-Through Authentication behavior can be inconsistent.
Site Configuration: https://support.sentryone.com/hc/en-us/articles/201001670-Configuring-Sites
As always, if you have any questions or concerns while setting up SentryOne, please contact our dedicated Support team (Support@SentryOne.com).