KSC Open API
13.1
Kaspersky Security Center API description
|
Name | Type | Description |
---|---|---|
KLSRV_SIEM_EVENTS_ACTIVATED | paramBool | Enables export to SIEM |
KLSRV_SIEM_EVENTS_PLATFORM | paramInt | SIEM platform to be used:
|
KLSRV_SIEM_EVENTS_IPADDR | paramString | SIEM server IP address |
KLSRV_SIEM_EVENTS_PORT | paramInt | SIEM server port |
KLSRV_SIEM_EVENTS_FROMDATE | paramDateTime | Export start date |
KLSRV_SIEM_EVENTS_MSG_SIZE | paramInt | Message size of events exported to SIEM |
KLSRV_SIEM_EVENTS_PROTO | paramInt | Protocol to be used for event export to SIEM:
|
KLSRV_SIEM_EVENTS_TLS_CA | paramBinary | List of CA certificates in PEM format. Used to verify SIEM server. |
KLSRV_SIEM_EVENTS_TLS_SERVER_SUBJ | paramString | Optional comma-separated list of allowed values for 'Subject'/'SubjectAltNames' field in server certificate. If empty, KLSRV_SIEM_EVENTS_IPADDR will be used to verify certificate subject. E.g. "example.com,siem.example.com" Used to verify SIEM server. |
KLSRV_SIEM_EVENTS_TLS_SRV_THUMBPRINTS | paramString | Comma-separated list of trusted certificates SHA1 fingerprints. If set and not empty, then KLSRV_SIEM_EVENTS_TLS_CA and KLSRV_SIEM_EVENTS_TLS_SERVER_SUBJ ignored. Fingerprints may be in forms: "sha-1:E1:2D:53:2B:7C:6B:8A:29:A2:76:C8:64:36:0B:08:4B:7A:F1:9E:9D" "sha-1:E12D532B7C6B8A29A276C864360B084B7AF19E9D" "E12D532B7C6B8A29A276C864360B084B7AF19E9D" |
KLSRV_SIEM_EVENTS_TLS_CLIENT_CERT | paramString | Certificate and key for client authentication with SIEM server. See Common format for certificate parameters |