Support

Support for business applications

Kaspersky Machine Learning for Anomaly Detection

System administrator tasks

Configuring Kaspersky MLAD

Configuring the AMQP Connector

Kaspersky Machine Learning for Anomaly Detection
Нет результатов
Online Help
FAQ Contact support Recovery tools Product videos

Configuring the AMQP Connector

December 6, 2023

ID 248005

Save as PDF

Kaspersky MLAD uses the AMQP Connector to receive data and send messages about incident registration via AMQP (Advanced Message Queuing Protocol).

System administrators can configure the AMQP Connector.

To configure the AMQP Connector:

  1. In the lower-left corner of the page, click the Main menu button.

    You will be taken to the administrator menu.

  2. Select System parametersAMQP Connector.

    A list of options appears on the right.

  3. If necessary, use the Use TLS connection toggle switch to enable secure TLS connection.

    By default, use of a secure TLS connection is disabled.

    To avoid compromising the received and/or sent data, it is recommended to enable the use of a secure TLS connection. It is recommended to use a secure TLS connection via the TLS-1.2 or TLS-1.3 protocol using a cipher suite from the list of recommended ciphers.

  4. In the AMQP broker (address:port) field, specify the host name and port of the external AMQP broker that the AMQP Connector will interact with.

    The default value of this parameter is rabbitmq:5672.

  5. In the User name for AMQP connection field, enter the user name.
  6. In the Password for AMQP connection field, enter the user's password.
  7. If you enabled the use of a secure TLS connection and a self-signed certificate is installed on the AMQP broker, add the root certificate for the AMQP broker using the Browse button under the CA certificate setting.

    To delete the certificate file, click the Clear icon (). To save the certificate file on your computer, click the Download icon ().

  8. If you enabled the use of a secure TLS connection and client authentication is enabled on the AMQP broker, do the following:
    • Add the AMQP client application certificate by using the Browse button under the Client certificate setting.
    • Add the key to the AMQP client application certificate by using the Browse button under the Key to client certificate setting.

    It is recommended to use a certificate created according to the X.509 standard with a certificate key length of at least 4096 bits.

    To delete the certificate file or certificate key, click the Clear icon () in the corresponding field. To save the certificate file or certificate key on your computer, click the Download icon () in the corresponding field.

  9. In the AMQP virtual host field, specify the virtual host for establishing a connection between the AMQP Connector and the external AMQP broker.

    The default value of this parameter is /.

  10. In the AMQP exchange point name for receiving tags field, specify the name of the exchange point to receive tags from an external AMQP broker.

    If a value is not defined for this parameter, tags will not be received via the AMQP Connector.

    This setting has no value by default.

  11. In the List of AMQP subscriptions for receiving tags field, specify the name of the list of subscriptions from which the AMQP Connector will receive tag values.

    The default value of this parameter is #.

  12. In the AMQP queue for receiving tags field, specify the name of the queue for the AMQP connector. This field is optional.
  13. In the AMQP exchange point name for publishing messages field, specify the name of the exchange point for sending messages about events.

    If no value is defined for this parameter, messages will not be sent. You can specify the same name that you indicated in step 10 of these instructions.

    This setting has no value by default.

  14. In the AMQP topic for publishing messages field, specify the name of the topic where the AMQP Connector will publish messages about incident registration.

    The default value of this parameter is alert.

  15. In the Data format drop-down list, select the format to receive data from external systems and send incident alerts.

    The following options are available: JSONBatch, Topic, SmartHome, KISG.

    The default value of this parameter is JSONBatch.

    If none of the incident data and alert formats suits you, you can contact Kaspersky Lab experts to add the required format.

  16. If you have selected the Topic data format, add a configuration file containing the connector settings for this data format using the Browse button under the Connector configuration file setting.

    To delete the connector configuration file, click the Clear icon (). To save the connector configuration file on your computer, click the Download icon ().

  17. If you need to recalculate the tag values based on the parameter values specified in the preset file, turn on the Scale obtained tag values toggle switch.

    By default, scaling of the received data is disabled.

  18. Click the Save button.

Kaspersky MLAD will receive data and send messages about incident registration via the AMQP protocol.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.