Kron PAM Configuration for Connection of ML-Based Threat Analytics and Response Engine

log in to the kron pam master instance’s cli with pamuser navigate to the ueba configuration folder $ cd /pam/docker mgmt/config repo/ open the uba default properties file with a text editor and set the parameters below after making changes restart the uba service parameter description default value sc uba ignored log types ignored log types should be written comma separated and every log type should be in single quotes 'ocr', 'file download', 'file upload' sc uba command log process days before number of previous days to scan in the logs in order to determine what the ml engine should consider the usual (base) behavior 15 sc uba command log read job fixed rate ms the l og processing job's execution interval 60000 sc uba command log read job init delay ms first job execution time after starting the application 0 ml log anomaly api server url ml based threat analytics and response engine’s ip and port address https //ml engine ip\ port