You can change the default settings in ABS by editing the abs-defaults.yml file.
Important:
Make a backup of the abs-defaults.yml file on a secure machine after the automated installation is complete.
The following is a sample abs-defaults.yml
file.
---
abs:
# Define ports for the PingIntelligence ABS
# Make sure ports are not same for single server installation
management_port: 8080
# Mongo DB User and password
mongo_username: absuser
mongo_password: abs123
# Define cache size for MongoDB (% of total RAM).
# MongoDB will be configured to use this percentage of host memory.
mongo_cache_size: 25
# Communication between mongo and ABS
mongo_ssl: true
# Mongo DB Server Certificate Verification
# Set to true if Mongo DB instance is configured in SSL mode and you want to do the server certificate verification
# By default ABS will not verify the MongoDB server certificate
mongo_certificate_verify: false
# Mongo replica set name
mongo_replica_set: absrs01
# When kafka is set to false in config/hosts, this url will be used
# Give the host:port combination of mutiple kafka server in comma seperated.
# Make sure kafka_server_url is accessible from ansible management host, dataengine, and abs nodes.
#This will be used via dashboard dataengine module too.
kafka_server_url: kafka_1:9093
# When kafka is set to false in config/hosts, this passoword for jks will be used
#This will be used via dashboard dataengine module too.
kafka_custom_truststore_password: custom
# Duration of initial training period (units in hours)
# This value will be set in the mongo nodes
attack_initial_training: 24
# Memory for webserver and streaming server (unit is in MB)
system_memory: 4096
# Access keys and secret keys to access ABS
access_key: abs_ak
secret_key: abs_sk
access_key_ru: abs_ak_ru
secret_key_ru: abs_sk_ru
# Password for ABS keystore
jks_password: abs123
#Users in Kafka for abs
consumer_user: abs_consumer
producer_user: abs_producer
abs_groupid: pi4api.abs
# Kafka Consumer Producer Password
consumer_authentication_password: changeme
producer_authentication_password: changeme
#Kafka Relicas
min_insync_replicas: 1
#topics to be created in kafka
transactions_topic: pi4api.queuing.transactions
attacks_topic: pi4api.queuing.ioas
anomalies_topic: pi4api.queuing.anomalies
discovery_topic: pi4api.queuing.apis
#Topic partition ,replication_factor and retention_period(in milli seconds)
#These will be used when install_kafka is true and topics are created as part of deployment.
topic_partitions: 1
replication_factor: 1
retention_period: 172800000
# Configure Email Alert. Set enable_emails to true to configure
# email settings for ABS
enable_emails: false
smtp_host: smtp.example.com
smtp_port: 587
sender_email: sender@example.com
email_password: password
receiver_email: receiver@example.com
# CLI admin password
current_admin_password: admin
new_admin_password: admin
poc_mode: false
api_publishing_service:
# Define ports for the PingIntelligence API Publish Service
# Make sure ports are not same for single server installation
management_port: 8050
# Password for APIPublish keystore
jks_password: api123
# Mongo DB Server Certificate Verification
# Set to true if Mongo DB instance is configured in SSL mode and you want to do the server certificate verification
# By default apipublish will not verify the MongoDB server certificate
mongo_certificate_verify: false
server_ssl_key_alias: pingidentity
# MongoDB Database names
data_dbname: abs_data
meta_database: abs_metadata
# MongoDB authentication
# If authentication is not enabled in MongoDB, set the mongo_auth_mechanism to NONE
# The supported MongoDB authentication mechanisms are DEFAULT and PLAIN.
# If authentication mechanism is DEFAULT, provide MongoDB username and password for mongo_username
# and mongo_password. If authentication mechanism is PLAIN, provide external
# LDAP username and password in mongo_username and mongo_password.
mongo_authentication_mechanism: DEFAULT
# CLI admin password
current_admin_password: admin
new_admin_password: admin