Settings

  • Alarm Notifications: Enable additional system alarms.

  • Alarm Settings: Modify settings to optimize syslog and SMTP processing.

  • ASA ACL Descriptions: Enter the username and password used to SSH into ASA firewalls to retrieve ACL descriptions (Appliance only).

  • AWS Configuration: Set parameters for Amazon Web Services flow streaming configuration here.

  • Data History: Specify how long each flow interval is saved.

  • Historical 1 Min Avg: Saves 100% of all flows received. Make sure the server has enough disk space to save significant quantities of the raw flows. The 1 minute interval consumes the most disk space because its flows are not aggregated and are stored in raw format.

  • Historical 5 minute - 1 week Avg: These intervals only save the specified Maximum Conversations after aggregation per interval.

  • Maximum Conversations: Used when creating large intervals (e.g. 5 minute) from prior intervals (e.g. 1 minute). All flows are aggregated together per router. The top 1,000 (default) based on bytes are saved.

    Note

    The default value for the Flow Maximum conversations field is 1,000 and the maximum value is 25,000.

  • Auto History Trimming: This option allows for automatic database trimming when available disk space falls below 10% (with a minimum threshold of 10GB). Check the checkbox to activate this option. An alarm is also generated to report that the database is being trimmed (1 minute and 5 minute conversation database tables); the alarm includes how much 1 minute and 5 minute data currently exists in the database (in hours).

    Note

    In a distributed collector environment, each collector performs the database trimming independently of the other collectors. Auto History Trimming on/off applies to all of the collectors in the cluster, but the database trimming will only occur on the server(s) that fall below 10% of available disk space.

  • Email Server: Necessary for on-demand and scheduled emailed reports. Make sure the test is successful.

  • Flow Analytics Configuration: Used to configure the algorithms and monitor their performance.

  • Flow Analytics Exclusions: Used to manage the Flow Analytics IP Group and hostname exclusions.

  • Flow Analytics Settings: Used to modify default settings of Flow Analytics relating to FlowPro Defender, jitter, latency, violations and top algorithms.

  • Licensing: Displays the current licensing level, expiration date(s), and unique Machine ID for this installation. The Machine ID is required by Plixer Customer Service for generating new license keys. Once a new key is received, activate it by copying and pasting the entire key into the License Key textbox. See the System > Licensing page for more information.

  • Mapping Groups: Add and manage Map Groups.

  • Mapping Objects: Add and manage Map Objects.

  • Proxy Server: Set up the server to work with a proxy server.

  • Reporting: Report settings configuration options.

  • Syslog Server: The syslog server setting tells Scrutinizer to forward all internal alarms on to an external syslog server/SIEM. For GDPR compliance, select the Forward Access Log option. Enabling this will provide a full accounting of all user actions, reports run, and filters applied in Scrutinizer.

  • System Preferences: The options listed are global configuration settings for all of the collectors. The explanation for each feature appears to the right of the setting.