Kaspersky Machine Learning for Anomaly Detection

Configuring the AMQP Connector

Kaspersky MLAD uses the AMQP Connector to receive data and send messages about incident registration via AMQP (Advanced Message Queuing Protocol).

System administrators can configure the AMQP Connector.

To configure the AMQP Connector:

  1. In the lower-left corner of the window, click the icon in the form of two horizontal equalizer sliders.

    You will be taken to the administrator menu.

  2. Select System parameters → AMQP Connector.

    A list of options appears on the right.

  3. Use the Use TLS connection toggle switch to enable or disable secure TLS connection.

    By default, use of a secure TLS connection is enabled.

    To avoid compromising the received and/or sent data, you are advised to keep the use of a secure TLS connection enabled.

  4. If you are using a secure TLS connection, use the Use the recommended TLS connection settings toggle switch to enable or disable use of the recommended TLS connection settings.

    By default, use of the recommended TLS connection settings is enabled.

    When the toggle switch is on, a secure TLS connection is used via the TLS-1.2 or TLS-1.3 protocol with a cipher suite from the list of recommended ciphers.

  5. In the AMQP broker (address:port) field, specify the host name and port of the external AMQP broker that the AMQP Connector will interact with.

    The default value of this parameter is rabbitmq:5672.

  6. In the User name for AMQP connection field, enter the user name to connect to the AMQP broker.
  7. In the Password for AMQP connection field, enter the user password for connecting to the AMQP broker.
  8. If you are using a secure TLS connection and a self-signed certificate is installed on the AMQP broker, add the root certificate for the AMQP broker by using the Browse button under the CA certificate setting.

    A certificate can be downloaded as a DER or PEM file only.

    To delete the certificate file, click the button with the basket icon. To save the certificate file on your computer, click the button with the icon of an arrow pointing into a tray.

  9. If you are using a secure TLS connection and client authentication is enabled on the AMQP broker, do the following:
    1. Add the client certificate by using the Browse button under the Client certificate setting.
    2. Add the key for the client certificate by using the Browse button under the Key to client certificate setting.

    It is recommended to use a certificate with a certificate key length of 4096 bits when using the RSA algorithm, or 256 bits when using the ECDH algorithm.
    A certificate and certificate key can be uploaded only as a file in DER or PEM format.

    To delete the certificate file or certificate key, click the button with the basket icon in the corresponding field. To save the certificate file or certificate key on your computer, click the button with the icon of an arrow pointing into a tray in the corresponding field.

  10. In the AMQP virtual host field, specify the virtual host for establishing a connection between the AMQP Connector and the external AMQP broker.

    The default value of this parameter is /.

  11. In the AMQP exchange point name for receiving tag values field, specify the name of the exchange point to receive tag values from an external AMQP broker.

    If a value is not defined for this parameter, tag values will not be received via the AMQP Connector.

    This setting has no value by default.

  12. In the List of AMQP subscriptions for receiving tag values field, specify the name of the list of subscriptions from which the AMQP Connector will receive tag values.

    The default value of this parameter is #.

  13. In the AMQP queue for receiving tag values field, specify the name of the queue for the AMQP Connector.
  14. In the AMQP exchange point name for publishing messages field, specify the name of the exchange point for sending incident registration messages.

    If no value is defined for this parameter, messages will not be sent. You can specify the same name that you indicated in step 10 of these instructions.

    This setting has no value by default.

  15. In the AMQP topic for publishing messages field, specify the name of the topic where the AMQP Connector will publish messages about incident registration.

    The default value of this parameter is alert.

  16. In the Data format drop-down list, select the format to receive data from external systems and send messages about incidents.

    The following options are available: JSONBatch, Topic, SmartHome, KISG.

    The default value of this parameter is JSONBatch.

    If you are having difficulty selecting a data format, consult Kaspersky or a certified integrator.

    If none of the incident data and message formats suits you, you can contact Kaspersky Lab experts to add the required format.

  17. If you have selected the Topic data format, add a configuration file containing the connector settings for this data format using the Browse button under the Connector configuration file setting.

    To delete the connector configuration file, click the button with the basket icon. To save the connector configuration file on your computer, click the button with the icon of an arrow pointing into a tray.

  18. Use the Scale obtained tag values toggle switch to enable or disable the conversion of tag values according to the Bias and Multiplier settings that were set when creating the tag.

    Conversion of received tag values is disabled by default.

  19. Click the Save button.

Kaspersky MLAD will receive data and send messages about incident registration via the AMQP protocol.
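
The subscription and topic settings above (the default subscription #, the default topic alert, and the option of using one exchange point for both directions) can be checked before saving. The following is an added example, not Kaspersky code: it implements AMQP 0-9-1 topic matching and lists the subscriptions that would also select the connector's own incident messages. It assumes the exchange point is a topic exchange and that each subscription is a binding key; the exchange names, routing keys and function names are constructed for illustration.

```python
from functools import lru_cache


def topic_matches(binding_key: str, routing_key: str) -> bool:
    """AMQP 0-9-1 topic match: '*' is exactly one word, '#' is zero or more."""
    pattern = binding_key.split(".") if binding_key else []
    words = routing_key.split(".") if routing_key else []

    @lru_cache(maxsize=None)
    def match(p: int, w: int) -> bool:
        if p == len(pattern):
            return w == len(words)
        if pattern[p] == "#":
            # '#' either matches nothing, or absorbs one word and stays active.
            return match(p + 1, w) or (w < len(words) and match(p, w + 1))
        if w == len(words):
            return False
        return pattern[p] in ("*", words[w]) and match(p + 1, w + 1)

    return match(0, 0)


def delivered(subscriptions, routing_keys):
    """Routing keys that at least one subscription would deliver to the queue."""
    return [rk for rk in routing_keys
            if any(topic_matches(s, rk) for s in subscriptions)]


def loopback_subscriptions(receive_exchange, subscriptions,
                           publish_exchange, publish_topic):
    """Subscriptions that would feed published incident messages back into
    the tag queue. Only possible when both directions share one exchange."""
    if not receive_exchange or receive_exchange != publish_exchange:
        return []
    return [s for s in subscriptions if topic_matches(s, publish_topic)]


if __name__ == "__main__":
    # Constructed sample: routing keys seen on a hypothetical shared exchange.
    keys = ["plant1.boiler.temp", "plant1.pump.flow", "alert"]
    for subs in (["#"], ["plant1.#"], ["*.boiler.*"]):
        print(subs, "delivers", delivered(subs, keys))
        print("  loopback:", loopback_subscriptions("mlad", subs, "mlad", "alert"))
```

With the defaults, a shared exchange point means the # subscription also matches the alert topic; a narrower subscription or separate exchange points keeps incident messages out of the tag queue.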