Configuring a Kafka Stream to use with OpenText ScanCentral DAST

As an optional configuration, you can deploy the Apache® Kafka® service to synchronize issue audit changes in Application Security with OpenText ScanCentral DAST.

To configure Application Security to stream audit history changes to Kafka:

  1. On the header, select Administration.

  2. On the navigation pane, expand Configuration, and then select Kafka Stream.

  3. On the Kafka Stream page, configure the settings as described in the following table.

    Field

    Description

    Enable streaming audit updates to Kafka

    Select this check box to synchronize changes to audit history from Application Security to Kafka.

    A comma-separated list of Kafka bootstrap servers

    Specifies a comma-separated list of brokers for the Kafka instance.

    Use the following syntax for this list:

    <host1>:<port1>,<host2>:<port2>,...

    The Kafka topic to which audit updates are published

    Specifies the Kafka topic for finding audit events.

    Kafka Security
    Enable TLS mutual auth for Kafka streaming

    Select this check box to enable mutual authentication using two-way SSL protocol to communicate with the Kafka brokers. Application Security supports two-way SSL using TLSv1.2 and TLSv1.3.

    If you do not select this check box, PLAINTEXT is used as the security protocol to communicate with the Kafka brokers.

    Truststore file location

    Specifies the path to the trust store file that contains trust store certificates in JKS  file format.

    Truststore password Specifies the password for the trust store file.
    Keystore location

    Specifies the path to the key store file that contains the client's public and private keys in JKS file format.

    Keystore password Specifies the password for the key store file.
    Private key password Specifies the password for the private key.
    Enable hostname validation of Kafka server

    Select this check box to verify the Kafka server's fully qualified domain name (FQDN) or IP address against the actual hostname or IP address of that Kafka server to ensure that you are connecting to the correct Kafka server.

  4. Click SAVE.

For more information about generating valid credentials and configuring client security, see the Apache Kafka documentation.