PingIntelligence

Configuring time zone in ASE

You can set up the API Security Enforcer (ASE) in either the local orUTC time zone by configuring the timezone parameter in the /pingidentity/ase/config/ase.conf file.

About this task

All of the management, access, and audit logs capture the time based on the time zone configured in ase.conf file. If thetimezone parameter is left empty, ASE runs in the UTC time zone by default. The following is a snippet of ase.conf for timezone parameter:

; Set the timezone to utc or local. The default timezone is utc.
timezone=local

<truncated ase.conf...>

To change the time zone in ASE, complete the following steps:

Steps

  1. Stop ASE.

  2. Update the timezone parameter in the ase.conf file.

  3. Start ASE.

  4. Use ASE status command to check ASE’s current time zone.

    Example:

    #./bin/cli.sh -u admin -p status
API Security Enforcer
status              : started
mode                : inline
http/ws             : port 8080
https/wss           : port 8443
firewall            : enabled
abs                 : disabled, ssl: enabled
abs attack          : disabled
audit               : enabled
ase detected attack : disabled
attack list memory  : configured 128.00 MB, used 25.60 MB, free 102.40 MB
log level           : warn
timezone            : local (MST)

    If ASE is deployed in a cluster, make sure to configure the same time zone on each cluster node. If you have used automated deployment to deploy PingIntelligence, the automated deployment configures the same time zone on each ASE node.

    If you have used manual installation, then you must manually configure the time zone on each ASE node.

Next steps

Make sure that ASE, the API Behavioral Security (ABS) AI Engine, and PingIntelligence for APIs Dashboard are all configured on the same time zone.