System Admin Configuration Types

System Admin configurations set values for system administrative settings. The available System Admin configuration types are listed here.

Authentication External

An Authentication External configuration defines values and behavior for a hardware or software system requiring authentication to an external server, such as LDAP or RADIUS.

After changing the Authentication Method on a host, you must delete the host from ArcMC, then re-add it using Node Management.

Note: Authentication External configurations can only be imported from managed Loggers, not created in ArcMC. See Importing a Subscriber Configuration for more information.

 

Authentication External Configuration Parameters

Parameter

Data Type

Description

Authentication Method*

String

System authentication method.

Allow Local Password Fallback for Default Admin Only*

Boolean

If Yes, the authentication server will fall back to local passwords for authentication for administrators.

Allow Local Password Fallback for All Users*

Boolean

If Yes, the authentication server will fall back to local passwords for authentication for all users.

LDAP Server Hostname[port]*

String

LDAP server hostname and port.

LDAP Backup Server Hostname [port]

String

LDAP backup server hostname and port.

LDAP Server Request Timeout (seconds)

Integer

LDAP server request timeout, in seconds.

RADIUS Server Hostname[port]

String

RADIUS server hostname and port.

RADIUS Backup Server Hostname[port]

String

RADIUS backup server hostname and port.

RADIUS Shared Authentication Secret

String

RADIUS authentication shared secret.

RADIUS Server NAS IP Address

String

RADIUS server Network Access Server IP address .

RADIUS Request Timeout (seconds)

Integer

RADIUS server request timeout, in seconds.

RADIUS Retry Request

Integer

Number of times to retry RADIUS server requests.

RADIUS Protocol

String

Type of RADIUS protocol.

Authentication Local Password

An Authentication Local Password configuration defines a hardware or software system’s local password options and behavior.

Authentication Local Password Configuration Parameters

Parameter

Data Type

Description

Enable Account Lockout*

Boolean

If Yes, account lockouts are enabled after an incorrect password entry.

Lock Out Account after N Failed Attempts*

Integer

Number of failed attempts before lockout.

Remember Failed Attempts For (seconds)*

Integer

Time, in seconds, between failed attempts that will trigger a lockout.

Lockout Account for (minutes)*

Integer

Time, in minutes, that the account will be locked out.

Enable Password Expiration*

Boolean

If Yes, password expiration is enabled

Password Expires in (days)*

Integer

Interval, in days, after which a password expires.

Notify User (Days Before Expiration)*

Integer

Days before password expiration that the user is notified.

Users Exempted from Password Expiration Policy

List of comma-separated strings

Comma-separated list of users whose passwords will never expire.

Enforce Password Strength*

Boolean

If Yes, password strength is enforced.

Minimum Length (characters)*

Integer

Minimum number of password characters.

Maximum Length (characters)*

Integer

Maximum number of password characters.

Numeric [0-9]*

Integer

Minimum number of numeric password characters.

Upper Case [A-Z]*

Integer

Minimum number of uppercase password characters.

Lower Case [a-z]*

Integer

Minimum number of lowercase password characters

Special [1$^*...]*

Integer

Minimum number of special password characters.

Password Must Be At Least*

Integer

Minimum number of characters a new password must differ from the user’s previous password.

Include “Forgot Password” link on Login Screen*

Boolean

If Yes, a link is provided where the user can recover a password.

Authentication Session

An Authentication Session configuration defines values for a hardware or software system’s authentication sessions.

Authentication Session Configuration Parameters

Parameter

Data Type

Description

Max Simultaneous Logins Per User*

Integer

Maximum number of simultaneous logins per user.

If Max Simultaneous Logins/User is set to 1, it is required to have at least another admin user, otherwise the admin user will not be able to log in.

Logout Inactive Session After (seconds)*

Integer

Inactivity session timeout, in seconds.

Disable Inactive Account After (days)*

Integer

Number of days of inactivity after which an account will be disabled.

DNS Configuration

A DNS Configuration defines values for a hardware appliance’s Domain Name Service.

DNS Configuration Parameters

Parameter

Data Type

Description

Primary DNS*

String

Primary DNS server.

Secondary DNS

String

Secondary DNS server.

DNS Search Domains

List of comma-separated strings

Comma-separated list of DNS search domains.

FIPS Configuration

A FIPS configuration enables or disables FIPS mode on a managed node.

Note: After pushing a FIPS configuration, the destination node will be restarted.

FIPS Configuration Parameters

Parameter

Data Type

Description

Enabled*

Boolean

If Yes, FIPS is enabled on the node.

Network Configuration

A Network Configuration defines values for a hardware appliance’s default gateway setting.

Note: Values for these network settings cannot be changed through ArcSight Management Center: hostname, IP addresses for the network interfaces, static routes, /etc/hosts file, and time settings.

 

Network Configuration Parameters

Parameter

Data Type

Description

Default Gateway*

String

Default network gateway.

NTP Configuration

An NTP Configuration defines values for a hardware appliance’s Network Time Protocol.

NTP Configuration Parameters

Parameter

Data Type

Description

Enable as NTP Server*

Boolean

If Yes, the system is enabled as an NTP server.

NTP Servers*

List of comma-separated strings

Comma-separated list of NTP servers. Required even if Enable as NTP Server is false.

SMTP Configuration

An SMTP Configuration defines values for a hardware or software system’s Simple Mail Transfer Protocol.

SMTP Configuration provides for authentication and security. This is implemented through the primary STMP server port, primary username, primary password, primary certificate, backup STMP server port, backup username, backup password, and backup certificate fields, along with the primary STMP server, backup STMP server, and outgoing email address fields.

SMTP Configuration Parameters

Parameter

Data Type Description
Primary SMTP Server* String Primary SMTP server.
Secondary SMTP Server String Secondary SMTP server.
Outgoing Email Address* String Outgoing email address.
Enable Auth/TLS Boolean Enable/Disable secure authenticated mode of communication with SMTP server
Primary SMTP Server Port Integer Primary SMTP Server Port. Required if Auth/TLS is enabled.
Primary SMTP Server Username String Primary SMTP Server Username. Required if Auth/TLS is enabled.
Primary SMTP Server Password String Primary SMTP Server Password. Required if Auth/TLS is enabled.
Primary SMTP Server Certificate Content String Upload Primary SMTP Server Certificate. Required if Auth/TLS is enabled.
Secondary SMTP Server Port Integer Secondary SMTP Server Port. Required if Auth/TLS is enabled.
Secondary SMTP Server Username String Secondary SMTP Server Username. Required if Auth/TLS is enabled.
Secondary SMTP Server Password String Secondary SMTP Server Password. Required if Auth/TLS is enabled.
Secondary SMTP Server Certificate Content String Upload secondary SMTP Server Certificate. Required if Auth/TLS is enabled.

SNMP Poll Configuration

An SNMP Poll Configuration defines values for a hardware appliance’s Simple Network Management Protocol monitoring. supports V2c and V3 of SNMP.

SNMP Poll Configuration Parameters

Parameter

Data Type

Description

Status

Boolean

If Yes, SNMP polling is enabled.

Port*

Integer

SNMP port.

SNMP Version* String Version of SNMP supported.Valid values are v2c and v3.
Community String String SNMP community string. Required for V2c only.
Username String Authentication username. Required for V3 only.
Authentication Protocol* String Authentication protocol. Valid values are MD5 and SHA. Required for V3 only.
Authentication Passphrase String Authentication passphrase. Required for V3 only.
Privacy Protocol String Privacy protocol. Valid values are DES and AES128. Required for V3 only.
Privacy Passphrase String Privacy passphrase. Required for V3 only.
System Name String Name of the SNMP system.
Point of Contact String Point of contact.
Location String System location.

SNMP Trap Configuration

An SNMP Trap Configuration defines values for a hardware appliance’s Simple Network Management Protocol notifications. supports V2c and V3 of SNMP.

Note: In previous versions of , an SNMP Trap configuration was known as an SNMP Configuration.

SNMP Trap Configuration Parameters

Parameter

Data Type

Description

Status

Boolean

If Yes, SNMP polling is enabled.

NMS IP Address String IP address of network management server.

Port*

Integer

SNMP port.

SNMP Version* String Version of SNMP supported.Valid values are v2c and v3.
Community String String SNMP community string. Required for V2c only.
Username String Authentication username. Required for V3 only.
Authentication Protocol* String Authentication protocol. Valid values are MD5 and SHA. Required for V3 only.
Authentication Passphrase String Authentication passphrase. Required for V3 only.
Privacy Protocol String Privacy protocol. Valid values are DES and AES128. Required for V3 only.
Privacy Passphrase String Privacy passphrase. Required for V3 only.