- 8 minutes to read
Global Settings include options that have impact system-wide.
To open Global Settings, from the top right corner of any screen, click . The System Settings screen opens. Then click the Global Settings tab.
Global Settings consist of the following options, none of which are selected by default:
GUI SSL Settings
Override Default SSL Settings (required, default: False) - Check this checkbox in order to replace the default self-signed SSL certificate presented when accessing the Axonius GUI.
Once enabled, configure the following parameters:
- Site Hostname (required) - The hostname of the certificate. This must match a value defined in the certificates Common Name or Subject Alternative Name.
- Certificate File (required) - The public certificate (PEM format)
- Private Key File (required) - The private key certificate (PEM format)
- Private Key Passphrase (optional, default: empty) - The password for the Private Key File, if it is password-protected.
SSL Trust & CA Settings
- Use Custom CA Certificate (required, default: False) - Check this checkbox to be able to upload Certificate Authority (CA) certificates files that will be used when Verify SSL is enabled for an adapter connection. The CA certificates provided here will be used in combination with the Mozilla CA Certificate List to verify that the certificate presented by the host defined in the adapters connection is valid.
- Proxy Enabled (required, default: False) - Check this checkbox to use a proxy for the Axonius machine, if a proxy service exists in your environment.
- Once enabled, you need to configure the proxy address and port (default is 8080), and user name and password as optional fields for proxy services, if required.
- Choose whether to verify the SSL certificate of the server. By defualt, the Verify SSL checkbox is selected.
Use CyberArk (required, default: False) - Check this checkbox to enable CyberArk integration and allow to Axonius to securely pull privileged credentials from the CyberArk Vault using CyberArk’s Application Access Manager (AAM).
Once enabled, please follow CyberArk integration configuration guidelines, and specify the following parameters:
- CyberArk Domain (required) - The base URL of the Central Credential Provider (CCP).
- Port (required) - The port the Central Credential Provider (CCP) is listening to.
- Application ID (required) - The Application ID which identifies the Axonius application created in CyberArk.
- Certificate Key (required) - The certificate which will be authenticated against the Certificate Serial Number defined on the Application.
Send Emails (required, default: False) - Check this checkbox to use an Email server. A configured Email server is a prerequisite before you can configure an email notification as part of a configured Enforcement Set or configuring a report to be sent via mail.
- Once enabled, you need to define the Email Host name and Port. User name and Password are optional.
- Configure if the connection will be unencryped, verified or unverified. If you select the Verified or Unverified options, you need to provide the SSL CA, certificate and private key files.
- Define the Sender Address for all mails sent by Axonius.
Use Syslog (required, default: False) - Check this checkbox to use a Syslog server.
Once enabled, define Syslog Host name and Port (optional) and you can use an SSL connection and certificates.
This setting must be enabled in order to utilize the Send to Syslog System action.
If this setting is enabled, the following log entries are sent to the configured Syslog server:
- Sent on success or failure of each login attempt.
- Entries will include the supplied user name and the result.
- Discovery cycle phase
Sent on the beginning and ending of each discovery cycle phase.
- Adapter connection failures
- Sent when an adapter connection fails to connect using the supplied configuration.
- Entries will include the adapter name, ID of the node running the adapter, and connection error.
- Adapter connection fetches
- Sent when a fetch is finished if the "Notify on Adapters" setting is enabled.
- Entries will include the number of assets fetched and how long the fetch took.
- Adapter connection asset cleanup
- Sent when an adapter decides to remove assets due to the configuration defined in Advanced Settings.
- Entries will include the number of assets removed.
- For more details see: Adapter Advanced Settings.
HTTPS Logs Settings
Use HTTPS Logs (required, default: False) - Check this checkbox to use an HTTPS logs server,
Once enabled, define HTTPS Logs Host name, Port (optional) and the HTTP Proxy name (optional).
This setting must be enabled in order to utilize the Send to HTTPS Log System action.
If this setting is enabled, the log entries described in the Syslog Settings are sent to the configured HTTPS logs system.
Use Jira (required, default: False) - Check this checbox to use a Jira server. This is a prequisite to configure an Enforcement Set with a 'Create Jira Issue' action.
To integrate Axonius with Jira, you need to do the following :
- Create a user in your Atlassian site with access to Jira. The user should be part of the most basic group which is jira-software-users.
- Log in to Jira using the created user and generate an API token.
For cloud based Atlassian sites, use the following URL to generate an API token: https://id.atlassian.com/manage/api-tokens#
- Under the Global Settings, specify the Jira domain, User Name and API Key.
Choose whether to verify the SSL certificate of the server. By default, the Verify SSL checkbox is unselected.
- Notify On Adapters Fetch (required, default: False) - Check this checkbox to generate a system notification, notify Syslog (if enabled) or notify HTTPS Log System (if enabled) every time a discovery cycle for specific adapter starts and when it ends.
- Adapters Errors Mail Address (optional, default: empty) - Configure a comma-separated list of email addresses to receive an email when there is a connection issue with any of the adapter connections.
- Adapters Errors Webhook Address (optional, default: empty) - Configure webhook URL to receive a message when there is a connection issue with any of the adapter connections. The message sent is as same as the message included in the email.
- Correlate Users by Email Prefix (required, default: False) - Axonius correlates users based on several criteria, including the user name and email address.
- If enabled, Axonius correlates users by email prefix only, instead of correlating users by the entire email address. For example, in the email address JohnDoe@CompanyDomain.com, “JohnDoe” is the email prefix.
- If disabled, Axonius correlates users by the entire email address.
- Correlate Microsoft Active Directory (AD) and Microsoft SCCM data based on Distinguished Names (required, default: False)
- If enabled, Axonius only correlates devices from a Microsoft Active Directory (AD) or a from Microsoft SCCM adapter connection by the LDAP object distinguished name only.
- If disabled, Axonius correlates devices from connections for those adapters based on hostname, serial number, MAC address, IP address and more.
- Correlate CSV Adapter only if Full Hostnames are Equal (required, default: False)
- If enabled, Axonius only correlates assets from a CSV adapter connection if the full hostname in the CSV matches the full hostname of an asset in Axonius.
- If disabled, Axonius correlates assets from a CSV adapter connection if the hostname in the CSV partially matches the full hostname of an asset in Axonius. For example, if the full hostname is "WIN-12345.TestDomain.test", and the hostname fetched from the CSV adapter connection is "WIN-12345" Axonius will correlate that data.
- Correlate ServiceNow Adapter based on MAC Address Only (required, default: False)
- If enabled, Axonius only correlates assets from ServiceNow adapter connection based on MAC address.
- If disabled, Axonius correlates assets from ServiceNow adapter connection based on MAC address and at least one additional parameter, for example: name serial number or IP address.
Static Analysis Settings
- Fetch Software Vulnerabilities Even when the Vendor Name is Unknown (required, default: False) - Check this checkbox to fetch vulnerabilities even if the software vendor name is unknown. By default, this options is unselected, and Axonius will fetch vulnerabilities only if they include both software and vendor names.
- Maximum Adapters to Execute Asynchronously (required, default: 20) - Define the number of adapters that - as part of discovery cycle - will be executed to fetch asset information in parallel.
- Socket Read-Timeout in Seconds (required, default: 5 seconds) - Define the number of seconds to wait for any initial or existing connection response before reporting a connection timeout. Default value is 5 seconds.
Getting Started with Axonius Settings
- Enable Getting Started with Axonius Checklist (required, default: False) - Check this checkbox to enable and display the Getting Started with Axonius checklist.
Amazon S3 Settings
These settings are for the
- Remote Support (required, default: True) - Allow Axonius to remotely connect to the instance using a Chef agent. Remote support is required to provide continuous updates, maintenance, and troubleshooting. It is strongly recommended to keep this enabled to have the best customer experience.
If you turn remove support off, you can still allow Axonius to remotely connect to the instance for a predefined number of hours.
- Anonymized Analytics (required, default: True) - Anonymized analytics data will be sent to Axonius. This kind of data consists of errors and exceptions, usage alerts, and more. It is strongly recommended to keep this enabled to have the best customer experience.
- Remote Access (required, default: True) - Remote Access allows Axonius to keep the system updated by providing continuous updates and to speed-up issue resolution time.