Service settings (custom tenant)

You can manage the service settings for a particular settings tenant in the CyberTrace web user interface by selecting the Settings tab, and then the Service tab. Make sure that a tenant for which you want to display service settings is selected from the drop-down list that has all available tenants, in the upper-left area of the window.

The Service tab allows you to do the following:

• Edit settings stored in the kl_feed_util.conf and kl_feed_service_log.conf configuration files.
• Reset statistics by clicking the Reset statistics link below the tab.

  This action clears the Dashboard of all the detection statistics related to this tenant.

  We recommend performing this operation after successfully integrating CyberTrace with a SIEM solution. This means the dashboard will not display any detection events generated during the verification test and will only contain real detection events, if there are any.

Connection settings

In the Connection settings section of the Service tab, you can specify the following settings:

• IP address and port (on Linux, it can be also a UNIX socket) that Kaspersky CyberTrace Service listens on for incoming events

  These settings are stored in the InputSettings > ConnectionString element of the kl_feed_service.conf file.

• IP address and port (on Linux, it can also be a UNIX socket) to which Kaspersky CyberTrace Service sends detection events and alert events

  These settings are stored in the OutputSettings > ConnectionString element of the kl_feed_service.conf file.

You can use IPv6 addresses to receive incoming events and send outgoing events.