Settings of the kuma-ptvm-config.yaml configuration file
The table lists the settings that you can specify in the kuma-ptvm-config.yaml file.
Description of settings in the kuma-ptvm-config.yaml configuration file
Setting | Description | Values |
---|---|---|
| An optional setting in the 'General settings' group. Logging level. | Available values:
Default setting: |
| An optional setting in the 'General settings' group. Data for assets that have changed during the specified period is exported from MaxPatrol. | No limitations apply. Default setting: 30d. |
| Optional setting in the 'General settings' group. When exporting assets from MaxPatrol, check if the required fields for KUMA are filled. Do not export unverified assets from MaxPatrol. | Available values:
Default setting: We recommend specifying |
| Required setting in the 'KUMA settings' group. URL of the KUMA API server. For example, kuma-example.com:7223 | - |
| Required setting in the 'KUMA settings' group. KUMA API token. | - |
| Optional setting in the 'KUMA settings' group. Validation of the KUMA certificate. | Available values:
This setting is not included in the configuration file template. You can manually add this setting with a true value, which will prevent the kuma-ptvm utility from validating the certificate at startup. |
| Required setting in the 'MaxPatrol VM' group. URL of the MaxPatrol API server. | - |
| Required setting in the 'MaxPatrol VM' group. MaxPatrol API user name. | - |
| Required setting in the 'MaxPatrol VM' group. MaxPatrol API user password. | - |
| Required setting in the 'MaxPatrol VM settings' group. MaxPatrol API secret. | - |
| Optional setting in the 'MaxPatrol VM settings' group. Validation of the MaxPatrol certificate. | Available values:
This setting is not included in the configuration file template. You can manually add this setting with a true value if the "tls: failed to verify certificate: x509: certificate is valid for localhost" error occurs. In that case, the kuma-ptvm utility does not validate the certificate when it is started. We recommend issuing a certificate in accordance with the MaxPatrol documentation as the preferred way of resolving the error. |
| Optional setting in the 'Vulnerability filter' group. Export from MaxPatrol only assets with vulnerabilities for which exploits are known. | Available values:
Default setting: |
| Optional setting in the 'Vulnerability filter' group. Import only vulnerabilities of the specified level or higher. | Available values:
Default value: |
| Required setting in the 'Tenant map' group. Tenant ID in KUMA. Assets are assigned to tenants in the order in which tenants are specified in the configuration file: the higher a tenant is in the list, the higher its priority. This means you can specify overlapping subnets. | - |
| Optional setting in the 'Tenant map' group. Regular expression for searching the FQDN of an asset. | - |
| Optional setting in the 'Tenant map' group. One or more subnets. | - |
| Optional setting. The default KUMA tenant for data about assets that could not be allocated to tenants specified in the 'Tenants' group of settings. | - |