PingIntelligence Dashboard engine - PingIntelligence for APIs

PingIntelligence Dashboard engine - PingIntelligence for APIs - 5.2

PingIntelligence

bundle

pingintelligence-52

ft:publication_title

PingIntelligence

Product_Version_ce

PingIntelligence for APIs 5.2 (Latest)

category

APISecurity

AdvancedAPICybersecurity

Capability

Environment

Product

apisecurity

capability

linux

pi-52

pingintelligence

private

ContentType_ce

When you install the PingIntelligence Dashboard, the on-prompt installation steps asks for configuration values, including access and secret key, ABS and ASE URL, and so on.

These values after installation are populated in the <pi_install_dir>/dashboard/config/dashboard.properties file. To change these values, you can stop the Dashboard engine, edit the dashboard.properties file and then start the Dashboard engine. See Starting and stopping the PingIntelligence Dashboard for more information on how to start and stop each component individually.

# Dashboard properties file

### ABS
# ABS Hostname/IPv4 address
abs.host=127.0.0.1
# ABS REST API port
abs.port=8080
# ABS SSL enabled ( true/false )
abs.ssl=true
# ABS Restricted user access ( true/false )
abs.restricted_user_access=true
# ABS access key
abs.access_key=OBF:AES:NuBmDdIhQeNlRtU8SMKMoLaSpJviT4kArw==:HHuA9sAPDiOen3VU+qp6kMrkgNjAwnKO6aa8pMuZkQw=
# ABS secret key
abs.secret_key=OBF:AES:NuBmDcAhQeNlPBDmyxX+685CBe8c3/STVA==:BIfH+FKmL5cNa1DrfVuyc5hIYjimqh7Rnf3bv9hW0+4=
# ABS query polling interval (minutes)
abs.query.interval=10
# ABS query offset (minutes. minimum value 30 minutes)
abs.query.offset=30


### UI
# publish attacks+metrics to UI. Valid values true or false
publish.ui.enable=true
# elasticsearch URL
es.url=https://localhost:9200/
# elasticsearch username. User should have manage_security privilege
es.username=elastic
# elasticsearch user password
es.password=OBF:AES:NOp0PNQvc/RLUN5rbvZLtTPghqVZzD9V:+ZGHbhpY4HENYYqJ4wn50AmoO6CZ3OcfjqTYQCfgBgc=
# kibana version
kibana.version=6.8.1


### Log4j2
# publish attacks to Log4j2. Valid values true or false
# By default it provides syslog support
publish.log4j2.enable=false
# log4j2 config file to log attacks to an external service. For example, Syslog
# use com.pingidentity.abs.publish as logger name in log4j2 configuration
log4j2.config=config/syslog.xml
# log4j2 log level for attack logging
log4j2.log.level=INFO
# directory for any log4j2 config dependency jar's.
# useful for third party log4j2 appenders
# it should be a directory
log4j2.dependencies.dir=plugins/

### Log level
dashboard.log.level=INFO

The following table describes all the parameters in the dashboard.properties file.

Parameter	Description
ABS
abs.host	IP address of the ABS server. Note: Two options exist to choose an ABS server: Utilize an existing ABS server. For production deployments, Ping Identity recommends dedicating an exclusive ABS reporting node.
abs.port	REST API port number of the ABS host. See `abs.properties`. The default value is 8080.
abs.ssl	Setting the value to true ensures SSL communication between ABS and dashboard engine.
abs.restricted_user	When set to `true`, Elasticsearch uses the restricted user header (configured in the pingidentity/abs/mongo/abs_init.js file) to fetch the obfuscated values of OAuth token, cookie, and API keys. When set to `false`, the admin user header is used to fetch the data in plain text. For more information on admin and restricted user headers, see ABS users for API reports.
abs.access_key	Access key from ABS. See pingidentity/abs/mongo/abs_init.js. Make sure to enter the access key based on the value set in the previous variable. For example, if `abs.restricted_user` is set to `true`, then enter the access key for restricted user. If `abs.restricted_user` is set to `false`, then use the access key for the admin user.
abs.secret_key	Secret key from ABS. See pingidentity/abs/mongo/abs_init.js. Make sure to enter the secret key based on the value set in the previous variable. For example, if `abs.restricted_user` is set to `true`, then enter the secret key for restricted user. If `abs.restricted_user` is set to `false`, then use the secret key for the admin user.
abs.query.interval	Polling interval to fetch data from ABS. The default is 10 minutes.
abs.query.offset	The time required by ABS to process access logs and generate result. The minimum and default value is 30 minutes.
UI
publish.ui.enable	Set to `true` to display the PingIntelligence Dashboard. The Dashboard displays attack and metrics data. Set to `false` if you do not want to display the Dashboard.
es.url	Elasticsearch URL.
es.username	Elasticsearch username.
es.password	Elasticsearch password.
kibana.version	Kibana version. The default is 6.8.1.
dashboard.log.level	Log level for the Dashboard. The default log level is `INFO`. Another log level is `DEBUG`.
Log4j
publish.log4j2.enable	Set to `true` to send attack data to the `syslog` server. Set to `false` to disable sending attack data to syslog server. Note: The Dashboard and `Syslog` cannot be disabled together.
log4j2.config	The log4j2 config file that logs the attack data.
log4j2.log.level	Log level for log4j. The default log level is `INFO`.
log4j2.dependencies.dir	The directory for any log4j configuration dependency. Make sure that it is a directory.