Go to the Settings → Other → General section in the KUMA web interface.
In the Core settings section, specify the following settings:
Use the Debug toggle switch to enable or disable system operation logging (debug mode). The toggle switch is turned off by default.
If debug mode is enabled, you can use the Dump KSC HTTP Traffic toggle switch to enable or disable the ability to dump HTTP traffic of Kaspersky Security Center.
If the dumping of HTTP traffic of Kaspersky Security Center is enabled, you can use the Periodic dumping toggle switch to enable or disable the dumping of Kaspersky Security Center HTTP requests and responses to the event log.
After enabling the Enable periodic dump check box, specify the dump settings under Dump settings.
If necessary, click the Reissue button to reissue the AI service certificate and the internal CA certificate.
After reissuing the AI service certificate, you must manually restart all services. To apply the new AI service certificate, you must restart the KUMA Core.
If you do not want to use a self-signed KUMA certificate, in the External TLS pair section, upload a certificate and key for the TLS pair.
By clicking the Update certificate button, you can update the certificate for the TLS pair.
Under Core properties, specify the following settings:
Select the Compacting SQLite check box and specify the amount of disk space in GB. This allows you to reduce the size of the database for more efficient use of disk space.
By default, the check box is selected, and the disk space is set to 10,000 GB.
In the Activation tag field, specify an applicable tag.
In the Alert retention period, days field, specify the retention period for alerts in days. You can specify any value greater than 0.
The default retention period is 12 days.
In the Asset bulk merge size field, specify the number of assets in asset blocks. When assets are merged, the resulting asset is divided into blocks that take part in KUMA operations. Each of the blocks contains a certain number of assets. Regulating such bulk merge can speed up the asset merging procedure.
You can specify any number of asset blocks greater than 0. The lower the value of this parameter, the sooner the process is completed.
The default setting is 1000000.
In the Maximum number of services to be started simultaneously field, specify the number of services that KUMA can start simultaneously.
The default setting is 1000000.
Too many services running at the same time can slow down the processing of KUMA data.
In the Correlation rule exclusions TTL, hours specify the lifetime in hours for correlation rule exclusions. You can specify a value from 1 to 8760 (24*365) inclusive.
The default setting is 72.
In the Disk buffer size of service destination of Core (for sending events), MB field, specify the size of the disk buffer on the Core that is allocated for each service. This buffer is used when internal events cannot be sent to correlators. You can set any buffer size greater than 0.
The default setting is 1024 MB.
In the Timeout of sending events via service destination of Core, seconds specify the timeout for establishing the connection to the service when sending events. You can specify any timeout longer than 0 seconds.
The default setting is 60 seconds.
In the hour of the day when Core is authorized to perform self-service tasks specify the time (in UTC) when the Core can perform self-service operations. The Core performs such operations on a daily basis. You can specify a value from 0 to 23, inclusive.
We recommend performing self-service operations during nighttime, when users are not using the functionality of the Core.
The default setting is 1 (UTC time).
In the Max stored file size, MB field, specify the maximum size of the compressed data of the downloaded GeoIP database and repository packages.
The default setting is 300 MB.
In the Resource history retention period, days field, specify the retention period for the resource changes history in days. You can set any value greater than or equal to 0.
The default setting is 12 days.
In the Cluster request timeout from the UI, seconds field, specify how long the KUMA web client must wait for a response after requesting the list of storages. You can set any value greater than 0.
The default setting is 30 seconds.
In the Storage nodes health check timeout, seconds, specify the time to wait for a response after requesting an availability check of certain storage nodes. You can set any value greater than 0.
The default setting is 30 seconds.
If necessary, in the KUMA UI balancer hostname and port field, specify the host name and port of the KUMA user interface balancer.
Given the distributed nature of the KUMA Core, multiple Core nodes can be configured to work as a cluster. You can configure the connection to the cluster through the balancer.
You can specify only one balancer URL.
The balancer URL must be specified in the hostname:port format, where