Kaspersky Machine Learning for Anomaly Detection

Configuring the HTTP Connector

Kaspersky MLAD uses the HTTP Connector to receive data from CSV files by uploading data using the POST method. You can download data over port 4999 via HTTP or HTTPS by specifying the relevant protocol in a request.

In Kaspersky MLAD, certificate files and key files can be uploaded only in DER or PEM format. If necessary, you can use the OpenSSL utility to change the format of certificate files and the certificate key. Thus, to change the format of a certificate file from P12 to PEM, run the following command in the console:

openssl pkcs12 -in <certificate name>.p12 -clcerts -nokeys -out <certificate name>.pem

System administrators can configure the HTTP Connector.

To configure the HTTP Connector:

1. In the lower-left corner of the window, click .

   You will be taken to the administrator menu.

2. Select System parameters → HTTP Connector.

   A list of options appears on the right.

3. In the Size of written block (tag count) field, specify the number of tags values that are written to the Message Broker service at one time.

   The specified value affects the number of iterations for writing tag values from the CSV file to Message Broker according to the total number of observations for tags retrieved via HTTP Connector.

4. In the Maximum size of uploaded file (MB) field, specify the maximum size in megabytes of a file transmitted to the HTTP Connector.

   If you try to download a larger CSV file, the file would not be passed to the HTTP Connector.

5. Use the Use TLS connection toggle switch to enable or disable secure TLS connection.

   By default, use of a secure TLS connection is enabled.

   To avoid compromising the received and/or sent data, it is recommended to keep the use of a secure TLS connection enabled.

6. If you are using a secure TLS connection, use the Use the recommended TLS connection settings toggle switch to enable or disable use of the recommended TLS connection settings.

   By default, use of the recommended TLS connection settings is enabled.

   When the toggle switch is on, a secure TLS connection is used via the TLS-1.2 or TLS-1.3 protocol with a cipher suite from the list of recommended ciphers.

7. If you are using a secure TLS connection, do the following:
   1. Add the HTTPS server certificate and the certificate key by using the Browse button under the HTTPS server certificate and Private key to HTTPS server certificate settings.

      It is recommended to use a certificate with a certificate key length of 4096 bits when using the RSA algorithm, or 256 bits when using the ECDH algorithm.

   2. If you are using client certificates, add the root certificate to verify the signature of the client certificate by using the Browse button under the CA certificate for verifying the client certificate signature setting.

   Certificates and certificate keys can be uploaded only as files in DER or PEM format.

   To delete the certificate file or certificate key, click the button in the corresponding field. To save the certificate file or certificate key on your computer, click the button in the corresponding field.

8. Toggle Scale obtained tag values switch to enable or disable the conversion of tag values according to the Bias and Multiplier settings that were set when creating the tag.

   Conversion of received tag values is disabled by default.

9. Click the Save button.

Kaspersky MLAD will receive data from CSV files using the HTTP Connector.

The following is an example of sending a CSV file to the HTTP Connector via cURL over HTTP using the POST method to port 4999 of the Kaspersky MLAD server:

The HTTP Connector accepts CSV files with the following fields:

timestamp;tag_name;value

where:

• timestamp is the time stamp in the format %Y-%m-%dT%H:%M:%S.
• tag_name is the name of the tag.
• value is the tag value.

  If a tag value contains a fractional portion, use a dot to separate the integer from the fractional portion.