Post-installation configuration (Initial Setup Wizard)

April 11, 2024

ID 194521

This section explains how to configure Kaspersky CyberTrace by using the Initial Setup Wizard.

The Initial Setup Wizard is a sequence of web interface pages where you configure Kaspersky CyberTrace after it is installed. Once the wizard is completed, other pages of the web interface become available.

The wizard has the following pages:

  • SIEM selection

    On this page, you should select your SIEM. The choice of a SIEM solution at this step affects the format of the Kaspersky CyberTrace configuration files, since these files are customized for integration with specific SIEM solutions.

    For the full list of supported SIEMs, see subsection "Supported SIEM solutions" of the Tenants settings section.

  • Connection settings

    On this page, you should specify connection parameters for your SIEM.

  • Proxy server configuration

    On this page, you can specify proxy settings. This step is optional.

  • Licensing configuration

    On this page, you can specify paths to the license key file and the certificate file. This step is optional.

  • Feeds selection

    On this page, you should specify the feeds that you plan to use in Kaspersky CyberTrace.

Navigating to the Initial Setup Wizard

To navigate to the Initial Setup Wizard:

  1. Open Kaspersky CyberTrace Web in your browser at https://127.0.0.1.
  2. Log in to Kaspersky CyberTrace Web by using the default credentials.

Selecting a SIEM

To select your SIEM:

  1. Choose a SIEM.

    The default parameters for this SIEM will be displayed on the page.

  2. Click Next to proceed to the next page.

Configuring connection parameters

To specify connection parameters for your SIEM:

  1. Specify the connection parameters that Kaspersky CyberTrace will use for incoming events:
    1. Select the type of connection that you want to use.
    2. Depending on the type of connection, do one of the following:
      • In the IP address and Port fields, specify an IP address and port.
      • In the UNIX socket field, specify a UNIX™ socket.
  2. Specify an IP address and port that Kaspersky CyberTrace will use for outgoing alerts.
  3. Specify an IP address or host name to be used in Kaspersky CyberTrace as the external address of the web interface.
  4. Click Next to proceed to the next page.

You can use IPv6 addresses to receive incoming events and send outgoing alerts, as well as for the web interface.

Configuring a proxy server

To specify proxy server parameters:

  1. Select Use proxy server.
  2. In the IP address or host name field, specify a proxy server IP address or host.
  3. In the Port field, specify a proxy server port.
  4. If needed, select Use proxy credentials.
  5. If you choose to use proxy credentials, specify the following:
    • In the User name field, specify a user name to access the proxy server
    • In the Password field, specify a password to access the proxy server
  6. Click Next to proceed to the next page.

You can use an IPv6 address for a proxy server.

Configuring licensing

To import the license key and the certificate:

  1. Under Kaspersky CyberTrace license key, click the Add a license key button, and then specify a path to the license key file.

    This parameter is optional. If you do not specify a license key, you will use a Community Edition license.

  2. Under Kaspersky Threat Data Feeds certificate, click the Import certificate button, and then specify a path to the certificate file.

    This parameter is optional. If you do not specify a certificate, you will use demo feeds.

  3. Click Next to proceed to the next page.

Selecting feeds

To specify the feeds required for use in Kaspersky CyberTrace:

  1. Select the feeds that you want to use.
  2. Click Next.

When the initial setup is complete, you will be asked to refer to the Kaspersky CyberTrace documentation. The displayed links are intended to be used for the following actions:

To finish the initial setup wizard, click Close.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.