Kron PAM Configuration for Connection of ML-Based Threat Analytics and Response Engine
- Log in to Kron PAM master instance’s CLI with pamuser.
- Navigate to the UEBA configuration folder ]$ cd /u01/uba-service/config
- Open the application.properties file with a text editor and set the parameters below.
Parameter | Description | Default Value |
|---|---|---|
sc.uba.ignored.log.types | Ignored log types. Should be written comma-separated and every log type should be in single quotes | 'OCR', 'FILE_DOWNLOAD', 'FILE_UPLOAD' |
sc.uba.command.log.process.days.before | If the system does not have a property for the last process ID (perhaps during the first run), this property is utilized to determine the maximum ID of the command log "N" days prior. | 15 |
sc.uba.command.log.read.job.fixed.rate.ms | Log process job execution period | 60000 |
sc.uba.command.log.read.job.init.delay.ms | First job execution time after starting the application | 0 |
ml.log.anomaly.api.server.url | ML Based Threat Analytics and Response Engine’s IP and port address |  |
sc.rest.api.server.url | Kron PAM Master Instance’s IP/Port Address | https://localhost |