Post-installation configuration (Initial Setup Wizard)

This section explains how to configure Kaspersky CyberTrace by using the Initial Setup Wizard.

The Initial Setup Wizard is a sequence of web interface pages where you configure Kaspersky CyberTrace after it is installed. Once the wizard is completed, other pages of the web interface become available.

The wizard has the following pages:

Navigating to the Initial Setup Wizard

To navigate to the Initial Setup Wizard:

  1. Open Kaspersky CyberTrace Web in your browser at https://127.0.0.1.
  2. Log in to Kaspersky CyberTrace Web by using the default credentials.

Selecting a SIEM

To select your SIEM:

  1. Choose a SIEM.

    The default parameters for this SIEM will be displayed on the page.

  2. Click Next to proceed to the next page.

Configuring connection parameters

To specify connection parameters for your SIEM:

  1. Specify the connection parameters that Kaspersky CyberTrace will use for incoming events:
    • Select what type of connection you want to use.
    • In the IP address and Port fields, specify an IP address and port.
    • In the UNIX socket field, specify a UNIX socket.
  2. Specify an IP address and port that Kaspersky CyberTrace will use for outgoing events.
  3. Specify an IP address or hostname to be used in Kaspersky CyberTrace events as the external address of the web interface.
  4. Click Next to proceed to the next page.

You can use IPv6 addresses to receive incoming events and send outgoing events, as well as for the web interface.

Configuring a proxy server

To specify proxy server parameters:

  1. Select Use proxy server.
  2. In the IP address or hostname field, specify a proxy server IP address or host.
  3. In the Proxy port field, specify a proxy server port.
  4. If needed, select Use proxy credentials.
  5. If you choose to use proxy credentials, specify the following:
    • In the User name field, specify a user name to access the proxy server
    • In the Password field, specify a password to access the proxy server
  6. Click Next to proceed to the next page.

You can use an IPv6 address for a proxy server.

Configuring licensing

To import the license key and the certificate:

  1. In the Kaspersky CyberTrace license key field, specify a path to the license key file.

    This field is optional.

  2. In the Kaspersky Threat Data Feeds certificate field, specify a path to the certificate file.

    This field is optional.

  3. Click Next to proceed to the next page.

Selecting feeds

To specify the required feeds:

  1. Select the feeds that you want to use.
  2. Click Next.

When the initial setup is complete, you will be asked to refer to the Kaspersky CyberTrace documentation. The displayed links are intended to be used for the following actions:

To finish the initial setup wizard, click Close.

Page top