Configuring the MQTT Connector

Kaspersky MLAD uses the MQTT Connector to receive data and send messages about incident registration via the MQTT (Message Queuing Telemetry Transport) protocol.

System administrators can configure the MQTT Connector.

To configure the MQTT Connector:

1. In the lower-left corner of the page, click the  button.

   You will be taken to the administrator menu.

2. Select System parameters → MQTT Connector.

   A list of options appears on the right.

3. If necessary, use the Use TLS connection toggle switch to enable secure TLS connection.

   By default, use of a secure TLS connection is disabled.

   To avoid compromising the received and/or sent data, it is recommended to enable the use of a secure TLS connection. It is recommended to use a secure TLS connection via the TLS-1.2 or TLS-1.3 protocol using a cipher suite from the list of recommended ciphers.

4. In the MQTT broker (address:port) field, specify the host name and port of the external MQTT broker that the MQTT Connector will interact with.

   The default value of this parameter is mqtt_broker:1883.

5. In the User name for MQTT connection field, enter the user name.
6. In the Password for MQTT connection field, enter the user's password.
7. If you enabled the use of a secure TLS connection and a self-signed certificate is installed on the MQTT broker, add the root certificate for the MQTT broker using the Browse button under the CA certificate setting.

   To delete the certificate file, click the Clear icon (). To save the certificate file on your computer, click the Download icon ().

8. If you enabled the use of a secure TLS connection and client authentication is enabled on the MQTT broker, do the following:
   • Add the MQTT client application certificate by using the Browse button under the Client certificate setting.
   • Add the key to the MQTT client application certificate by using the Browse button under the Key to client certificate setting.

   It is recommended to use a certificate created according to the X.509 standard with a certificate key length of at least 4096 bits.

   To delete the certificate file or certificate key, click the Clear icon () in the corresponding field. To save the certificate file or certificate key on your computer, click the Download icon () in the corresponding field.

9. In the List of MQTT subscriptions for receiving tags field, enter the name of the list of MQTT subscriptions from which the MQTT Connector will receive tag values.

   The default value of this parameter is tags.

10. In the MQTT topic for publishing messages field, specify the name of the topic where the MQTT Connector will publish messages about incident registration.

    If no value is defined for this setting, messages are not sent.

    This setting has no value by default.

11. In the Data format drop-down list, select the format to receive data from external systems and send incident alerts.

    The following options are available: JSONBatch, Topic, SmartHome, KISG.

    The default value of this parameter is JSONBatch.

    If none of the incident data and alert formats suits you, you can contact Kaspersky Lab experts to add the required format.

12. If you have selected the Topic data format, add a configuration file containing the connector settings for this data format using the Browse button under the Connector configuration file setting.

    To delete the certificate file, click the Clear icon (). To save the certificate file on your computer, click the Download icon ().

13. If you need to recalculate the tag values based on the parameter values specified in the preset file, turn on the Scale obtained tag values toggle switch.

    By default, scaling of the received data is disabled.

14. Click the Save button.

Kaspersky MLAD will receive data and send messages about incident registration via the MQTT protocol.