Kaspersky Security Center Linux supports PostgreSQL and Postgres Pro DBMSs. If you use one of these DBMSs, consider configuring the DBMS server parameters to optimize the DBMS work with Kaspersky Security Center Linux.
The default path to the configuration file is: /etc/postgresql/<
VERSION
>/main/postgresql.conf
Recommended parameters for PostgreSQL and Postgres Pro:
shared_buffers = N
N = 25% of the RAM value of the device where the DBMS is installed. If RAM is less than 1 GB, then leave the default value.
max_stack_depth =
maximum stack size (execute the 'ulimit -s
' command to obtain this value in KB) minus the 1 MB safety margintemp_buffers = 24MB
work_mem = 16MB
max_connections = 151
max_parallel_workers_per_gather = 0
maintenance_work_mem = 128MB
Make sure the standard_conforming_strings
parameter is set to its default value of on
. Reload configuration or restart the server after updating the postgresql.conf file. Refer to the PostgreSQL documentation for details.
If you use a cluster Postgres DBMS, specify the max_connections
parameter for all DBMS servers as well as in the cluster configuration.
If you use Postgres Pro 15.7 or Postgres Pro 15.7.1, disable the enable_compound_index_stats
parameter:
enable_compound_index_stats = off
For detailed information about PostgreSQL and Postgres Pro server parameters and on how to specify the parameters, refer to the corresponding DBMS documentation.
Refer to the following topic for details on how to create and configure accounts for PostgreSQL and Postgres Pro: Configuring accounts for work with PostgreSQL and Postgres Pro.
Highly available cluster support
Highly available MariaDB and PostgreSQL clusters are supported with the following settings:
Replication type: synchronous.
Minimum number of nodes: 3.
Maximum number of nodes: 15.
The Postgres role used by the Server to access the DBMS needs to have privileges to read the following views (enabled by default):
When using a Postgres Highly Available cluster (version 14 or later) as the database, the database user must have the pg_read_all_stats
privilege. You can grant this privilege by running the following command:
GRANT pg_read_all_stats TO "%1";
Where %1
is the name of the database user.
The user name is specified during the Administration Server installation in the KLSRV_UNATT_DBMS_LOGIN
parameter.