Settings of the kuma-ptvm-config.yaml configuration file

The table lists the settings that you can specify in the kuma-ptvm-config.yaml file.

Description of settings in the kuma-ptvm-config.yaml configuration file

Setting

Description

Values

log_level

Optional setting in the General settings section.

Logging level.

Available values:

  • trace
  • info
  • warning
  • error

Default setting: info.

period

Optional setting in the General settings section.

Data for assets that have changed during the specified period is exported from MaxPatrol.

No limitations apply.

Default setting: 30d.

strict_import

Optional setting in the General settings section.

When exporting assets from MaxPatrol, check if the required fields for KUMA are filled. Do not export unverified assets from MaxPatrol.

Available values:

  • true to check for the presence of fields that are required for KUMA.
  • false to skip the check for the presence of fields that are required for KUMA.

Default setting: false.

We recommend specifying true when exporting assets from MaxPatrol, this lets you detect and fix possible errors in JSON files before you import assets into KUMA.

parallel_downloading

Optional setting in the General settings section.

Sets the downloading mode when importing data from MaxPatrol.

Available values:

  • true downloads CSV files in parallel.
  • false downloads CSV files sequentially to reduce the load on MaxPatrol.

The default setting is true.

We recommend specifying false if you need to reduce the load on MaxPatrol during data import.

endpoint

Required setting in the KUMA settings section.

URL of the KUMA API server. For example, kuma-example.com:7223

token

Required setting in the KUMA settings section.

KUMA API token.

ignore_server_cert

Optional setting in the KUMA settings section.

Validation of the KUMA certificate.

Available values:

  • true to disable KUMA certificate validation.
  • false to enable KUMA certificate validation.

This setting is not included in the configuration file template. You can manually add this setting with a true value, which will prevent the kuma-ptvm utility from validating the certificate at startup.

endpoint

Required setting in the MaxPatrol VM settings section.

URL of the MaxPatrol API server.

user

Required setting in the MaxPatrol VM settings section.

MaxPatrol API user name.

password

Required setting in the MaxPatrol VM settings section.

MaxPatrol API user password.

secret

Required setting in the MaxPatrol VM settings section.

MaxPatrol API secret.

ignore_server_cert

Optional setting in the MaxPatrol VM settings section.

Validation of the MaxPatrol certificate.

Available values:

  • true to disable the validation of the MaxPatrol certificate.
  • true to enable MaxPatrol certificate validation.

This setting is not included in the configuration file template. You can manually add this setting with a true value if the tls: failed to verify certificate: x509: certificate is valid for localhost error occurs. In that case, the kuma-ptvm utility does not validate the certificate when it is started.

We recommend issuing a certificate in accordance with the MaxPatrol documentation as the preferred way of resolving the error.

only_exploitable

Optional setting in the Vulnerability filter section.

Export from MaxPatrol only assets with vulnerabilities for which exploits are known.

Available values:

  • true to export only assets with vulnerabilities for which exploits are known.
  • false to export all assets.

Default setting: false.

min_severity

Optional setting in the Vulnerability filter section.

Import only vulnerabilities of the specified level or higher.

Available values:

  • low
  • medium
  • high
  • critical

Default value: low.

id

Required setting in the Tenant map section.

Tenant ID in KUMA.

Assets are assigned to tenants in the order in which tenants are specified in the configuration file: the higher a tenant is in the list, the higher its priority. This means you can specify overlapping subnets.

fqdn

Optional setting in the Tenant map section.

Regular expression for searching the FQDN of an asset.

networks

Optional setting in the Tenant map section.

One or more subnets.

default_tenant

Optional setting.

The default KUMA tenant for data about assets that could not be allocated to tenants specified in the 'Tenants' section.

Page top