kata/edr type

Settings for a connector of the kata/edr type are described in the following tables.

Basic settings tab

Setting

Description

Name

Unique name of the resource. Maximum length of the name: 128 Unicode characters.

Required setting.

Tenant

The name of the tenant that owns the resource.

Required setting.

Type

Connector type. You need to select kata/edr.

Required setting.

URL

URL for receiving telemetry from the KATA/EDR server. You need to include the hostname and port number in the URL. The default port is 443.

If KATA/EDR is deployed in a cluster, you can specify multiple URLs to ensure high availability of the connection.

Required setting.

Secret

Secret that stores the credentials for connecting to the KATA/EDR server. You can select a secret from the drop-down list or create a secret. To create a secret, click AddResource. When creating a secret, you must specify a custom certificate and private key or automatically generate a new self-signed certificate and private key. You can change the selected secret by clicking EditResource.

Required setting.

External ID

Identifier for external systems. KUMA automatically generates an ID and populates the field with it.

Description

Description of the resource. Maximum length of the description: 4000 Unicode characters.

Advanced settings tab

Setting

Description

Debug

Resource logging. The toggle switch is turned off by default.

Character encoding

Original character encoding to be converted to UTF-8. We only recommend configuring a conversion if you find invalid characters in the fields of the normalized event. By default, no value is selected.

Number of events

Maximum number of events in one request. By default, the value set on the KATA/EDR server is used.

Events fetch timeout

The time in seconds to wait for receipt of events from the KATA/EDR server. Default value: 0, which means that the value set on the KATA/EDR server is used.

Client timeout

Time in seconds to wait for a response from the KATA/EDR server. Default value: 0, corresponding to 1800 seconds.

KEDRQL filter

Filter of requests to the KATA/EDR server. For more details on the query language, please refer to the KEDR Help.

Page top