Kaspersky Unified Monitoring and Analysis Platform

Secrets

Secret resources are used to securely store sensitive information such as user names and passwords that must be used by KUMA to interact with external services.

Available settings:

• Name (required)—a unique name for this type of resource. Must contain from 1 to 128 Unicode characters.
• Tenant (required)—name of the tenant that owns the resource.
• Type (required)—the type of secret.

  When you select the type in the drop-down list, the parameters for configuring this secret type also appear. These parameters are described below.

• Description—you can add up to 256 Unicode characters describing the resource.

Depending on the secret type, different fields are available. You can select one of the following secret types:

• credentials—this type of secret is used to store account credentials required to connect to external services, such as SMTP servers. If you select this type of secret, you must fill in the User and Password fields.
• token—this secret type is used to store tokens for API requests. Tokens are used when connecting to IRP systems, for example. If you select this type of secret, you must fill in the Token field.
• ktl—this secret type is used to store Kaspersky Threat Intelligence Portal account credentials. If you select this type of secret, you must fill in the following fields:
  • User and Password (required fields)—user name and password of your Kaspersky Threat Intelligence Portal account.
  • PFX file (required)—lets you upload a Kaspersky Threat Intelligence Portal certificate key.
  • PFX password (required)—the password for accessing the Kaspersky Threat Intelligence Portal certificate key.
• urls—this secret type is used to store URLs for connecting to SQL databases and proxy servers. In the Description field, you must provide a description of the connection for which you are using the secret of urls type.

  You can specify URLs in the following formats: hostname:port, IPv4:port, IPv6:port, :port.

• pfx—this type of secret is used for importing a PFX file containing certificates. If you select this type of secret, you must fill in the following fields:
  • PFX file (required)—this is used to upload a PFX file. The file must contain a certificate and key. PFX files may include CA-signed certificates for server certificate verification.
  • PFX password (required)—this is used to enter the password for accessing the certificate key.
• kata/edr—this type of secret is used to store the certificate file and private key required when connecting to the Kaspersky Endpoint Detection and Response server. If you select this type of secret, you must upload the following files:
  • Certificate file—KUMA server certificate.

    The file must be in PEM format. You can upload only one certificate file.

  • Private key for encrypting the connection—KUMA server RSA key.

    The key must be without a password and with the PRIVATE KEY header. You can upload only one key file.

    You can generate certificate and key files by clicking the button.

• snmpV1—this type of secret is used to store the values of Community access (for example, public or private) that is required for interaction over the Simple Network Management Protocol.
• snmpV3—this type of secret is used for storing data required for interaction over the Simple Network Management Protocol. If you select this type of secret, you must fill in the following fields:
  • User—user name indicated without a domain.
  • Security Level—security level of the user.
    • NoAuthNoPriv—messages are forwarded without authentication and without ensuring confidentiality.
    • AuthNoPriv—messages are forwarded with authentication but without ensuring confidentiality.
    • AuthPriv—messages are forwarded with authentication and ensured confidentiality.

    You may see additional settings depending on the selected level.

  • Password—SNMP user authentication password. This field becomes available when the AuthNoPriv or AuthPriv security level is selected.
  • Authentication Protocol—the following protocols are available: MD5, SHA, SHA224, SHA256, SHA384, SHA512. This field becomes available when the AuthNoPriv or AuthPriv security level is selected.
  • Privacy Protocol—protocol used for encrypting messages. Available protocols: DES, AES. This field becomes available when the AuthPriv security level is selected.
  • Privacy password—encryption password that was set when the SNMP user was created. This field becomes available when the AuthPriv security level is selected.
• certificate—this secret type is used for storing certificate files. Files are uploaded to a resource by clicking the Upload certificate file button. X.509 certificate public keys in Base64 are supported.