PingIntelligence

Changing ABS default settings

You can change the default settings in ABS by editing the abs-defaults.yml file.

About this task

The following table lists the variables that you can set for ABS.

Variable Description

management_port

Port for ABS to ASE and REST API to ABS communication. The default value is 8080.

mongo_username and mongo_password

MongoDB username and password. The default username is absuser, and the default password is abs123.

mongo_cache_size

If you are running all the PingIntelligence components on the same instance, keep the MongoDB cache size to a maximum of 25% of the system memory. If you are running MongoDB on a separate instance, keep the MongoDB cache size to a maximum of 40% of the system memory.

mongo_ssl

Default value is true. PingIntelligence deployment ships with a default self-signed certificate. Setting it to false establishes non-SSL connection between ABS and Mongo.

mongo_certificate_verify

Set it to true if you want to verify MongoDB SSL server certificate when ABS connects to MongoDB. The default value is false.

Make sure mongo_ssl is set to true before setting mongo_certificate_verify to true.

mongo_replica_set

Name of the MongoDB replica set. Default name is absrs01.

attack_initial_training

The number of hours that you want to train the AI model before it moves to the prediction mode. Default value is 24 hours.

system_memory

Memory size in MB allocated to run machine learning jobs. Recommended to be at least 50% of system memory.

access_key and secret_key

The access key and secret for the admin user. For more information on different ABS users, see ABS users.

":" (colon) is a restricted character and not allowed in access key and secret key.

access_key_ru and secret_key_ru

The access key and secret for the restricted user. For more information on different ABS users, see ABS users.

":" (colon) is a restricted character and not allowed in access key and secret key.

jks_password

The password of the Java Keystore (JKS). The default password is abs123.

Email default settings

Configure the following settings:

  • enable_emails: Set it to true for ASE to send email notifications. Default value is false.

  • smtp_host and smtp_port

  • sender_email: Email address used from which email alerts and reports are sent.

  • email_password: Password of sender’s email account.

  • receiver_email: Email address at which the email alerts and reports are sent.

CLI admin password

The default value for CLI admin is admin. To change the password, you need the current password.

poc_mode

Sets the mode in which AI engine sets the thresholds for the AI models. If set to true, AI engine sets thresholds at a lower value. It should be set to true only for a proof-of-concept deployment.

consumer_user

ABS consumer user in Kafka.

Default: abs_consumer

producer_user

ABS producer user in Kafka.

Default: abs_producer

abs_groupid

ABS group in Kafka.

Default: pi4api.abs

consumer_authentication_password

ABS consumer user password.

Default: changeme

producer_authentication_password

ABS producer user password.

Default: changeme

min_insync_replicas

Minimum number of insync replicas for data in Kafka.

transactions_topic

ABS transaction topic in Kafka.

attacks_topic

ABS attack topic in Kafka.

anomalies_topic

ABS anomalies topic in Kafka.

topic_partitions

Number of partitions for topics.

replication_factor

Replication factor for topics.

retention_period

Retention period of data on topics.

kafka_server_url

Pre-existing Kafka ip:port that must be configured in config/abs-defaults.yml.

kafka_custom_truststore_password

Pre-existing Kafka truststore password in config/abs-defaults.yml.

management_port

API Publish service port.

Default: 8050

jks_password

API Publish service JKS password.

You can change the password for the JKS file. It will be generated during installation.

mongo_certificate_verify

Mongodb Server Certificate Verification for API Publish service.

Default: false

server_ssl_key_alias

Alias for API Publish service SSL JKS file.

Default: pingidentity

data_dbname

API Publish service database name.

Default: abs_data

meta_database

API Publish service metadatabase name.

Default: abs_metadata

current_admin_password

API Publish service CLI password.

Default: admin

new_admin_password

API Publish service new admin password.

Default: admin

Make sure to take a backup of the abs-defaults.yml file on a secure machine after the automated installation is complete.

The following is a sample abs-defaults.yml file.

---
abs:
 # Define ports for the PingIntelligence ABS
 # Make sure ports are not same for single server installation
 management_port: 8080

 # Mongo DB User and password
 mongo_username: absuser
 mongo_password: abs123
 # Define cache size for MongoDB (% of total RAM).
 # MongoDB will be configured to use this percentage of host memory.
 mongo_cache_size: 25
 # Communication between mongo and ABS
 mongo_ssl: true
 # Mongo DB Server Certificate Verification
 # Set to true if Mongo DB instance is configured in SSL mode and you want to do the server certificate verification
 # By default ABS will not verify the MongoDB server certificate
 mongo_certificate_verify: false
 # Mongo replica set name
 mongo_replica_set: absrs01

 # When kafka is set to false in config/hosts, this url will be used
 # Give the host:port combination of mutiple kafka server in comma seperated.
 # Make sure kafka_server_url is accessible from ansible management host, dataengine, and abs nodes.
 #This will be used via dashboard dataengine module too.

 kafka_server_url: kafka_1:9093

 # When kafka is set to false in config/hosts, this passoword for jks will be used
 #This will be used via dashboard dataengine module too.

 kafka_custom_truststore_password: custom



 # Duration of initial training period (units in hours)
 # This value will be set in the mongo nodes
 attack_initial_training: 24

 # Memory for webserver and streaming server (unit is in MB)
 system_memory: 4096

 # Access keys and secret keys to access ABS
 access_key: abs_ak
 secret_key: abs_sk
 access_key_ru: abs_ak_ru
 secret_key_ru: abs_sk_ru

 # Password for ABS keystore
 jks_password: abs123

 #Users in Kafka for abs
 consumer_user: abs_consumer
 producer_user: abs_producer
 abs_groupid: pi4api.abs

 # Kafka Consumer Producer Password
 consumer_authentication_password: changeme
 producer_authentication_password: changeme

 #Kafka Relicas
 min_insync_replicas: 1
 #topics to be created in kafka
 transactions_topic: pi4api.queuing.transactions
 attacks_topic: pi4api.queuing.ioas
 anomalies_topic: pi4api.queuing.anomalies

  #Topic partition ,replication_factor and retention_period(in milli seconds)
  #These will be used when install_kafka is true and topics are created as part of deployment.
 topic_partitions: 1
 replication_factor: 1
 retention_period: 172800000

 # Configure Email Alert. Set enable_emails to true to configure
 # email settings for ABS
 enable_emails: false
 smtp_host: smtp.example.com
 smtp_port: 587
 sender_email: sender@example.com
 email_password: password
 receiver_email: receiver@example.com

 # CLI admin password
 current_admin_password: admin
 new_admin_password: admin

 poc_mode: false

api_publishing_service:
 # Define ports for the PingIntelligence API Publish Service
 # Make sure ports are not same for single server installation
 management_port: 8050

 # Password for APIPublish keystore
 jks_password: api123

 # Mongo DB Server Certificate Verification
 # Set to true if Mongo DB instance is configured in SSL mode and you want to do the server certificate verification
 # By default apipublish will not verify the MongoDB server certificate
 mongo_certificate_verify: false

 server_ssl_key_alias: pingidentity

 # MongoDB Database names
 data_dbname: abs_data
 meta_database: abs_metadata

 # MongoDB authentication
 # If authentication is not enabled in MongoDB, set the mongo_auth_mechanism to NONE
 # The supported MongoDB authentication mechanisms are DEFAULT and PLAIN.
 # If authentication mechanism is DEFAULT, provide MongoDB username and password for mongo_username
 # and mongo_password. If authentication mechanism is PLAIN, provide external
 # LDAP username and password in mongo_username and mongo_password.
 mongo_authentication_mechanism: DEFAULT

 # CLI admin password
 current_admin_password: admin
 new_admin_password: admin

To change the default system memory in theabs.properties file of ABS:

Steps

  1. Go to the software directory.

  2. Untar the ABS binary by entering the following command.

    # tar –zxvf pi-api-abs-5.0.tar.gz

  3. Edit the config/abs.properties file to change the default value of system_memory to 50% of host memory.

    # vi pingidentity/abs/config/abs.properties

    For example, if host ABS system has 16 GB of memory, set the value to 8192 MB.

  4. Save the file.

  5. Tar the ABS binary and save it with the same file name (pi-api-abs-5.0.tar.gz) in the software directory by entering the following command.

    # tar -czf pi-api-abs-5.0.tar.gz pingidentity/abs