Implementing the SigParser On-Premises Engine can enhance your organization's ability to maintain accurate and comprehensive contact records while ensuring data remains within your secure environment; all email and calendar data is processed within your organization's network.
Note: You must coordinate with the SigParser team before proceeding with these steps. They will enable the On-Prem functionality for your account and schedule a call to guide you through the setup process.
Overview
Virtual Machine Deployment: Install the On-Premises Engine on a virtual machine within your network. This VM will handle the processing of emails and calendar data.
Configuration: Adjust settings to connect the engine to your Microsoft Exchange or Microsoft 365 environment. This includes setting up necessary permissions and specifying which mailboxes to monitor.
Security Group Management: For Microsoft 365 setups, create a mail-enabled security group to manage which mailboxes the engine will access.
Scheduled Tasks: Configure tasks to run the engine at desired intervals, ensuring continuous and up-to-date data extraction.
Estimated Time to complete: 1 hour with help from SigParser team.
To Start
You must have access to the following:
Access to your organization's SigParser account
Admin access to your organization’s Microsoft Azure
Admin access to your organization’s Exchange Admin
The ability to run Powershell commands
A list of email addresses you wish to connect and scan in SigParser
Connected mailboxes require active licenses to be scanned
Prepare a Windows Virtual Machine to run the SigParser application
Create a Windows Virtual Machine
Create a new Windows virtual machine (VM). The VM is where all the scanning and processing of emails and calendar meetings will be done.
See Virtual Machine Sizing for more information.
Configure Virtual Machine Settings
Operating System
Windows Operating System
OS-orchestrated patching: patches will be installed by OS
Network Access
Outbound:
Amazon AWS
US: logs.us-west-2.amazonaws.com - port 443
EU: logs.eu-central-1.amazonaws.com - port 443
ipaas.sigparser.com - port 443
serialkeymanager.com - port 443
app.cryptolens.io - port 443
time.windows.com - port 123
Backups
Enable backup
Backup policy: (new) DailyPolicy
Open a Notepad file on the VM to temporarily store ID values
Create a new Notepad file
Copy and paste the following into the file
GROUP MEMBER EMAIL ADDRESS:
GROUP OBJECT ID:
APPLICATION (CLIENT) ID:
APPLICATION (DIRECTORY) ID:
APPLICATION CLIENT SECRET:
SIGPARSER API KEY:
You will fill in these values in the following steps. These values will be used to create and test the MS365 connection and configure the On Premise engine settings.
Create a Mail-Enabled Security Group
Select Mail-enabled security > Next
Name the group: SigParser Mailboxes
Description is optional
Assign Group Owner(s)
Group Owners will have the ability to add or remove members from this group
Group Owner mailboxes will not be scanned by SigParser
Once you have added Group Owner(s), select Next
Add Group Members
This is the list of mailboxes to be scanned by SigParser
Once you have added Group Members, select Next
Add Group Email Address
Example: sigparsermailboxes
Under Approval
Select Require owner approval to join the group
Select Create Group
Add Group Member Email Address to Notepad
On your Notepad file, paste a Group Member email address in the corresponding field
GROUP MEMBER EMAIL ADDRESS: groupmember@yourdomain.com
Add Group Object ID to Notepad
Go to Microsoft Azure Groups
Select the newly created mail-enabled security group
On your Notepad file, paste the “SigParser Mailboxes” Group Object ID in the corresponding field
GROUP OBJECT ID: xxx-xxxx-xxxx-xxxxxx-xxx
Register SigParser App in Microsoft Azure
Select + New Registration
Enter the following info:
Name: SigParser Mailboxes App
Supported account types: Single tenant option
Redirect URI: (leave blank)
Select Register
Add App Registration IDs to Notepad
Select the newly added SigParser Mailboxes App.
Copy and paste the Application (client) ID and the Directory (tenant) ID from your Azure page on your notepad in the corresponding fields
APPLICATION (CLIENT) ID: xxx-xxx-xxxx-xxx
APPLICATION (DIRECTORY) ID: xxx-xxx-xxxxx-xx-xxxx
Grant API Permissions for SigParser App
Select API permissions from the menu on the left
Select + Add a permission > Microsoft Graph > Application permissions
In the search bar, enter each of the following permissions and select the checkbox next to the permission:
Calendars.Read
Contacts.Read
GroupMember.Read.All
Mail.Read
User.Read.All
When you have selected all of the permissions, select Add permissions.
Select ✔ Grant admin consent
Create and Enter SigParser App Client Secret
From the menu on the left, select Certificates & secrets > Client secrets
Select + New client secret
Enter the following details:
Description: SigParser Mailboxes Secret
Expires: 24 months
Select Add
Add Client Secret Value to Notepad
Copy and paste the Client Secret Value (NOT Secret ID) from Azure into the corresponding field on the notepad.
APPLICATION CLIENT SECRET: xxx-xxx-xxxx-xxx
Create an Access Policy for SigParser App
On Windows, open Microsoft Powershell
Copy and paste the following command and press enter. This will install the Exchange Online Manager Powershell module.
Install-Module -Name ExchangeOnlineManagement -Scope CurrentUser -Repository PSGallery -Force; Import-Module ExchangeOnlineManagement
Copy and paste the following command and press enter. You may need to authenticate your 365 login. This will connect to your Microsoft 365 account.
Connect-ExchangeOnline
From your notepad, copy the GROUP OBJECT ID and APP ID and paste to replace the corresponding fields below. Copy and paste the command and press enter. This will restrict access for Sigparser application to only the mailboxes in the mail enabled security group.
New-ApplicationAccessPolicy -PolicyScopeGroupId [your group object ID] -AppId [your app ID] -AccessRight RestrictAccess -Description "Restrict SigParser's access"
From your notepad, copy the GROUP MEMBER EMAIL ADDRESS and APP ID and paste to replace the corresponding fields below. Copy and paste the following command and press enter. This will test if SigParser can access the restricted email address.
Test-ApplicationAccessPolicy -Identity [test.mailbox@yourdomain] -AppId [your app ID]
Close Powershell window
Generate a SigParser Application API Key
Log into your organization's SigParser application at https://app.sigparser.com/
Go to Settings > Developers
Select "New API Key"
Name the API Key "On Premise Engine" > select all checkboxes > select Generate Key
Copy the API Key value and paste into the Notepad file
SIGPARSER API KEY: xxxxxxxxxxxxxxx
Note: The SigParser team must enable this functionality on your account.
Download On Premise Engine to Virtual Machine
Log into your Virtual Machine
Make sure that Google Chrome or Microsoft Edge are installed
In Windows Explorer turn on visibility of file extensions
Download the SigParser On Premise Engine zip file to the Virtual Machine
Right click on the Zip file > select Extract All…
Enter the following file location: C:\sigparser
Select Extract
Wait for the extract to finish
Note: The SigParser On Premise Engine zip file will be provided by the SigParser team.
Configure On Premise Engine Settings
Go to C:\sigparser\EmailFetcher folder
Rename the file appsettings-template.json to appsettings.json
Once renamed, open the file appsettings.json.
Within the file, input the following values into the corresponding fields. Values must be placed within the double quotes. Reference the values in your notepad.
EmailProvider: Office365
Instance: Enter your company name
Example: “Acme Corporation”
AllowedPatterns: Enter which email domains should be allowed.
Use * for all domains, which is best for most installations.
DenyPatterns: Enter which email domains will not be processed
Enter your own company domains here so internal emails aren't processed. Separate multiple domains with commas.
SubjectLines: Should subject lines be transmitted to SigParser?
If SendSubjectLines is true, update the SubjectLineType to "Meetings", "Emails", or "All"
AddressBooks: Transmit Address Book contacts to SigParser?
Disabled by default. To enable, update to true.
Note: if enabled, you will need to configure sync rules via the Connectors page.
SigParser API Key: [from notepad]
ClientID: [from notepad]
DirectoryID: [from notepad]
ClientSecret: [from notepad]
GroupObjectID: [from notepad]
Once the values are entered, Save the updated appsettings.json file.
Test Email Fetcher
Within the EmailFetcher folder, right click on the background > select Open in Terminal
Type cmd > select Enter
Type emailfetcher.exe > select Enter
Once the command begins running successfully, select Ctrl + C or close the Terminal
Configure Scheduled Task to Automatically Run On Premise Engine
Open Task Scheduler
Select Create Basic Task
Configure the task:
Name the task: SigParser Email Fetcher
Description: Optional > select Next
Task Frequency: Daily > select Next
Start: leave default date
Recur every: 1 days > select Next
What action do you want the task to perform: Start a program > select Next
Program/script: select Browse > select C:\sigparser folder > scroll down and select the EmailFetcher Application
Add arguments (optional): leave blank
Start in: C:\sigparser\EmailFetcher > select Next
This must match the first part of the Program file path exactly.
Select Finish
Additional Settings
It is recommended to create a designated Service Account to run the task scheduler. This ensures that the task will run even if the employee is not logged in or leaves the company.
Right click on the task > select Properties
Select: Run whether user is logged on or not > select OK
Enter credentials for the designated service account
Test the Scheduled Task
Right click the task from the list > select Run
View Logging
Open Event Viewer > select Windows Logs > select Application
Setup Complete
The setup is now complete.
If you have any questions, send us an email at support@sigparser.com. You can also book a demo session HERE.