Step 4. Service settings

At the Service settings step of the wizard, you can specify the system EPS limit, define the settings of sending service alerts, and set the IP address or host name of the server where Kaspersky CyberTrace is installed. The same settings are stored in the kl_feed_util.conf and kl_feed_service_log.conf configuration files.

To define service settings:

  1. Under System EPS limit, configure the overall events per second (EPS) limit of the system:
    1. Enable the toggle switch.
    2. In EPS limit, enter the required EPS limit value.

    If the system EPS limit is defined in the license, it cannot be modified in Kaspersky CyberTrace Web.

    If the overall EPS is not limited, this may cause unexpected performance degradation of the system.

  2. Under Service alerts, define the settings of sending service alerts that inform another software (for example, a SIEM system) about the state of Kaspersky CyberTrace Service by doing the following:
    1. Enable the toggle switch.
    2. In IP address and Port, specify the parameters of the server to which you want to send service alerts.

      By default, the IP address is set to 127.0.0.1 and the port is set to 9999.

      You can use an IPv6 address to send service alerts.

    These settings are stored in the OutputSettings > AlertConnectionString element of the kl_feed_service.conf file.

  3. Under Web interface, specify the IP address or host name that you use to connect to Kaspersky CyberTrace Web. This is the IP address or host name of the server where Kaspersky CyberTrace is installed and is used, for example, to download indicators export reports.

    You can use an IPv6 address as a web interface address.

    This setting is stored in the ResourcesIP element of the kl_feed_service.conf file.

    By default, the value is 127.0.0.1.

Later, you will be able to edit service settings on the SettingsService page of Kaspersky CyberTrace Web.

Page top