The parameters of Balancer are specified in the kl_balancer.conf
configuration file included in the distribution kit. kl_balancer.conf
is an XML file that contains the parameters described in the table below.
Configuration file parameters
Parameter |
Description |
---|---|
|
Specifies the address for connection to Balancer. The value can be an IPv4 address, an IPv6 address, or a host name. The following parameters must be specified:
This element is mandatory. The configuration file can contain only one |
|
The regular expression that defines the delimiter for events. This element is optional. If an event contains newline characters ( |
|
The path to the PEM-formatted certificate for HTTPS connections. This element can contain an absolute or a relative path. If a relative path is specified, it is calculated relative to the Balancer binary file. This parameter is optional. The default value is:
Update the value of this element if Balancer is deployed on a computer without Kaspersky CyberTrace. |
|
The path to the PEM-formatted private key for HTTPS connections. This element can contain an absolute or a relative path. If a relative path is specified, it is calculated relative to the Balancer binary file. This parameter is optional. The default value is:
Update the value of this element if Balancer is deployed on a computer without Kaspersky CyberTrace. |
|
The path to the directory with a license key file. This element can contain an absolute or a relative path. If a relative path is specified, it is calculated relative to the Balancer binary file. This parameter is optional. The default value is:
Update the value of this element if Balancer is deployed on a computer without Kaspersky CyberTrace. |
|
Specifies the address for sending the results of incoming events matching. The value can be an IPv4 address, an IPv6 address, or a host name. The following parameter can be specified:
This element is mandatory. |
|
The section that contains elements with parameters of Kaspersky CyberTrace instances. The following parameters can be specified for the section:
This element is mandatory. |
|
An element with parameters for connection to an instance of Kaspersky CyberTrace. The value can be an IPv4 or IPv6 address. This element is mandatory. The following parameters can be specified:
This element is mandatory. |
|
The section that contains elements with parameters of allowed REST API requests to Kaspersky CyberTrace instances. This element is mandatory. |
|
An element with parameters of an allowed REST API request to Kaspersky CyberTrace instances. This element is optional. This element can contain a string that is from 1 to 2048 characters long and contains only ASCII characters. The value of this element can contain the '*' wildcard character, which stands for zero or any number of any characters. The following parameter can be specified:
By default, |
Default configuration file
By default, kl_balancer.conf
contains the following parameters:
<Settings> <Balancer matching_port="9998" api_port="9997" cybertrace_port="9996" scanners_count="9">127.0.0.1</Balancer> <SSLCertificatePath>..\httpsrv\kl_feed_service_cert.pem</SSLCertificatePath> <SSLPrivateKeyPath>..\httpsrv\kl_feed_service_private.pem</SSLPrivateKeyPath> <LicenseDirPath>..\httpsrv\lic</LicenseDirPath> <OutputSettings port="514">127.0.0.1</OutputSettings> <Instances update_seconds="60" matching_timeout_seconds="5" api_timeout_seconds="30"> <Instance enabled="true" matching_port="9999" api_port="443" scanners_count="8">127.0.0.1</Instance> </Instances> <AllowedRequests> <AllowedRequest method="GET">/api/1.2/suppliers</AllowedRequest> <AllowedRequest method="GET">/api/1.2/suppliers/*</AllowedRequest> <AllowedRequest method="POST">/api/1.2/lookup</AllowedRequest> <AllowedRequest method="GET">/api/1.2/tags</AllowedRequest> <AllowedRequest method="GET">/ioc_exports/*</AllowedRequest> </AllowedRequests> </Settings> |
The default configuration file above is the one included in the distribution kit for Windows systems. The default configuration file for Linux systems has the same contents except for the format of local paths in the values of the SSLCertificatePath, SSLPrivateKeyPath,
and LicenseDirPath
parameters, where '\
' is substituted for '/
'.