Prerequisites
- Service Account with Read-Only Rights
- HTTPS w/ Username enabled for Outgoing Data Services via Epic System Pulse Configuration Editor
- HTTPS enabled for Incoming Data Services via Epic System Pulse Configuration Editor
- Valid SSL Certificate applied to Epic System Pulse Server
- A copy of the SSL Certificate (*.cer file) is needed for the configuration
- Epic System Pulse Server Address
- Epic resource group name that you'll be connecting to
- Epic resource type id for the above resource group
Article Contents
- Testing the Epic System Pulse Connection
- Epic System Pulse Monitoring Configuration
- Post Installation
Testing the Epic System Pulse Connection
Before proceeding with configuring the Epic System Pulse integration, please test your setup outside of the product to confirm all prerequisites have been met.
- Download and extract the "epicSystemPulseTests" powershell script to the machine that will be hosting the Epic integration for Goliath
- Run the script as admin and follow the below prompts. The script will have two sections worth of prompts and validations:
- Confirming it can connect to the Epic System Pulse Server.
- Expected Prompts:
- Epic System Pulse Server Address
- Username of the service account that has rights to Epic
- Password of the service account that has rights to Epic
- resource type id
- resource group name
- Expected Prompts:
- Confirming it can pull data using the resource group information provided
- Expected Prompts:
- The host ID(s) for the epic data. Please note, it will list the ones it sees available if there are none available, confirm you have the correct resource group name and resource group id
- Start Date/Time for the metric collection (click enter to use the defaults)
- End Date/Time for the metric collection (click enter to use the defaults)
- Expected Prompts:
- Confirming it can connect to the Epic System Pulse Server.
Example Expected Output
Testing the Epic System Pulse Connection
- If the connection is successful you'll expect to see the text "Request Successful" after entering the "resource group" name. This is shown with call out #1 in the above image.
- You should also expect to see connection details following the "Request Successful" message. This is shown with call out #2 in the above image.
Collecting Epic System Pulse Data
- If the metric collection is successful, you'll expect to see the text "Request Successful" and then a large block of data. This is shown with call out #1 in the above image.
Epic System Pulse Monitoring Configuration
Now that the prerequisites have been collected and then connection has been tested, it is time to configure monitoring for the Epic System Pulse environment(s). The configuration is a two part process 1) Import the Epic System Pulse certificate and then 2) Enable Epic Monitoring
Import Epic System Pulse Certificate
- Ensure you have a copy of the Epic System Pulse SSL Certification file (*.cer) on the Goliath Server, location does not matter
- Download and install the Keystore tool - https://keystore-explorer.org/
- Be sure to set the install directory to the agent JRE\bin folder
- If configuring this on the Goliath Server, the default JRE\bin location is one of the following depending on your Goliath version & install directory location
- "C:\Program Files (x86)\MonitorIT\vma-api\jre1.8.0_333\bin\KeyStore Explorer"
- "C:\Program Files\MonitorIT\vma-api\jre1.8.0_333\bin\KeyStore Explorer"
- If configuring this on a machine that is not the Goliath Server the default locations is "C:\Program Files\MonitorIT\vma-api\jre1.8.0_333\bin\KeyStore Explorer"
- If configuring this on the Goliath Server, the default JRE\bin location is one of the following depending on your Goliath version & install directory location
- Note, if using the Browse.. button within the installer then KeyStore Explorer will be automatically appended to the end of the path
- Now that KeyStore Explorer is installed, the import of the certificate can either be done via Command Prompt or the KeyStore Explorer application. See the below sections for the applicable instructions
- Be sure to set the install directory to the agent JRE\bin folder
Import via Command Prompt
- Run Command Prompt as Admin
- Navigate to the appropriate directory via the appropriate command:
- If on the Goliath Server run the applicable command based on your install directory location:
-
cd "C:\Program Files (x86)\MonitorIT\vma-api\jre1.8.0_333\bin"
cd "C:\Program Files\MonitorIT\vma-api\jre1.8.0_333\bin"
-
- If on another machine:
-
cd "C:\Program Files\MonitorIT\vma-api\jre1.8.0_333\bin"
-
- If on the Goliath Server run the applicable command based on your install directory location:
- Then run the following command to import the Epic System Pulse SSL Certification file into the Goliath Agent
- Example:
- The red text is the path the the .cer file
-
keytool -import -alias "epicsystempulse" -keystore "C:\Program Files\MonitorIT\vma-api\jre1.8.0_333\lib\security\cacerts" -file "C:\users\test\Downloads\systempulse.cer"
- Example:
- Then you will be prompted to Enter Keystore Password, which means you are assigning a password to the Keystore entry. Please enter a password that is at least 6 characters.
- You will then be prompted to re-enter the password
- Next, there will be a prompt for Trust this certificate? [no]:, type in yes and then hit the enter key to submit
- You should then be prompted that Certificate was added to keystore
- Close Command Prompt and proceed to Enable Epic System Pulse Monitoring
Import via KeyStore Explorer Application
- Launch the KeyStore Explorer application
- Upon launch, if prompted for "Configured CA certificates keystore file foes note exist, use this location instead?" click yes
- Click File>New to create a new Keystore
- A New Keystore Type window will open, select JKS and then click the OK button
- Select Tools>Import Trusted Certificate
- In the Import Trusted Certificate window, navigate to the location where the certificate is saved, select it and click the Import button
- Define an alias for the certificate and click OK. We recommend using EpicSystemPulse
- You will be prompted on if the import was successful or if it failed
- Select File>Save
- You will be prompted to Set Keystore Password, which means you are assigning a password to the Keystore entry.
- Password must be at-least 6 characters.
- A Save Keystore As window will appear. Save the keystore to JRE\lib\security\cacerts
- For example, C:\Program Files\MonitorIT\vma-api\jre1.8.0_333\lib\security\cacerts
- When prompted to overwrite the existing file, click Yes
- The import is now complete and the application can be closed. Please proceed to the next section.
Enable Epic System Pulse Monitoring
- Click on the Configure menu option at the top of the page, and select the Inventory submenu option
- On the Inventory page, find and select the line item for the local Goliath Server
- Click on the Edit button at the top of the page
- A new pane will appear, there will be a section labeled Epic EHR Monitoring in this section please do the following:
- In the User Name and Password fields, please enter the credentials for the Read Only Service account for Epic System pulse in the format of domain\user
- Check the box for Enable Epic Monitoring
- In the Epic Server Address field, please enter the IP Address or FQDN of the Epic System Pulse machine
- In the Epic Production Resource Group field, please enter the name of the Epic resource group. The default value is "PRD"
- In the Epic Production TypeID field, please enter the name of the Epic resource group. The default value is "3"
- Once all information is filled in, click the Save button to complete the configuration
- It may take about 5 minutes or so before the data will appear
Post Installation
From the Views tab and clicking on the Performance Graphs submenu option allows you to view the dashboard-style performance graphs for Epic.
From the top Dashboards section of the left hand menu pane, you can view the Epic System Pulse information collected by clicking on the check box to the left of the folder named Epic and then clicking on the large + symbol in the middle of the screen labeled Add Dashboard from Left Pane
The two dashboards related to monitoring Epic Workflow & Activity will appear and look like this: