Configuring telemetry in Kaspersky Industrial CyberSecurity for Networks

To configure telemetry in Kaspersky Industrial CyberSecurity for Networks via command line interface of Kaspersky Endpoint Agent:

  1. On the device, run a command line interpreter (for example, Command Prompt cmd.exe) with the permissions of the local administrator.
  2. Using the cd command, navigate to the folder where the Agent.exe file is located.

    For example, enter the command cd "C:\Program Files (x86)\Kaspersky Lab\Endpoint Agent\" and press ENTER.

  3. To configure telemetry collected with Kaspersky Endpoint Agent to be sent directly to Kaspersky Industrial CyberSecurity for Networks:

    agent.exe --message-broker=<enable|disable|show> --type=kics [--compression=<yes|no>] [--tls=<yes|no>] --servers=<address>:<port> [--pinned-certificate=<full path to the TLS certificate file>] [--client-certificate=<full path to the certificate file>] --client-password=<password for the PFX archive> [--sync-period=<frequency of sending a request for synchronization>]

  4. To configure telemetry according to Kaspersky Endpoint Agent – MQTT server – Kaspersky Endpoint Agent – Kaspersky Industrial CyberSecurity for Networks scheme:
    1. Configure sending of telemetry collected by Kaspersky Endpoint Agent to the MQTT server using the following command:

      agent.exe --message-broker=enable --type=mqtt --timeout=10000 --servers=<address>:<port> --user-name=<user name> --client-password=<user password> --mqtt-mode publisher

    2. Configure sending of telemetry from the MQTT server to a computer with Kaspersky Endpoint Agent installed using the following command:

      agent.exe --message-broker=enable --type=mqtt --timeout=10000 --servers=<address>:<port> --user-name=<user name> --client-password=<user password> --mqtt-mode subscriber

    3. Configure sending of telemetry that Kaspersky Endpoint Agent receives from the MQTT server to the Kaspersky Industrial CyberSecurity for Networks server using the following command:

      agent.exe --message-broker=enable --type=kics --timeout=10000 --servers=<address>:<port> --tls=<yes|no> --pinned-certificate <full path to TLS certificate file>

    Command parameters for configuring telemetry sending to the Kaspersky Industrial CyberSecurity for Networks server

    Setting

    Description

    --message-broker=<enable|disable|show>

    Required parameter.

    Allows you to enable, disable and show the status of telemetry sent to server, specified by --servers=<address>:<port> parameter:

    • --message-broker=enable enables telemetry sending
    • --message-broker=disable disables telemetry sending
    • --message-broker=show shows telemetry sending status

    --type=kics

    Required parameter.

    Telemetry is sent to Kaspersky Industrial CyberSecurity for Networks server.

    --type=mqtt

    Required parameter.

    APK InfoDiode Smart or software MQTT server (e.g. Mosquitto) is used as MQTT broker during telemetry sending and telemetry receiving.

    --compression=<yes|no>

    Optional parameter.

    Allows you to enable or disable compression of data transferred between Kaspersky Endpoint Agent and the Kaspersky Industrial CyberSecurity for Networks server.

    Enabled by default.

    ---tls=<yes|no>

    Optional parameter.

    Allows you to enable or disable a trusted connection between Kaspersky Endpoint Agent and Kaspersky Industrial CyberSecurity for Networks.

    • --tls=yes – enables trusted connection.
    • --tls=no – disables trusted connection.

    --servers=<address>:<port>

    Required parameter.

    Allows you to specify the data of a server, that will receive the telemetry.

    MQTT broker address is sepcified in mqtt://<server IP address> format. By default, port value for MQTT broker is 1883.

    --pinned-certificate=<full path to the TLS certificate>

    Required parameter, if the --tls parameter is passed with the <yes> value.

    Allows you to add a TLS certificate for connecting Kaspersky Endpoint Agent with the Kaspersky Industrial CyberSecurity for Networks server.

    --client-certificate=<full path to the certificate file>

    Allows you to add a user certificate for connecting Kaspersky Endpoint Agent with the Kaspersky Industrial CyberSecurity for Networks server.

    --client-password=<password for the PFX archive>

    Allows you to enter the password for the PFX archive that contains a user certificate for connecting Kaspersky Endpoint Agent with the Kaspersky Industrial CyberSecurity for Networks server.

    --sync-period=<frequency of sending a request for synchronization>

    Allows you to specify the frequency of sending a request to synchronize Kaspersky Endpoint Agent settings and tasks with the Kaspersky Industrial CyberSecurity for Networks server.

    --user-name=<user name>

    Allows you to specify the user account name for MQTT authentication.

    --client-password=<user password>

    Allows you to specify the user account password for MQTT authentication.

    --mqtt-mode <publisher|subscriber>

    Allows you to specify the interaction mode between Kaspersky Endpoint Agent and the MQTT broker.

    • --mqtt-mode publisher – Kaspersky Endpoint Agent sends telemetry to MQTT broker.
    • --mqtt-mode subscriber – Kaspersky Endpoint Agent receives telemetry from MQTT broker.

Page top