Versions Compared

Version Old Version 1 New Version 2
Changes made by

maria ieropoulos

maria ieropoulos

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

General

1.pngImage Modified

The following options may be set:

  • Web Management Port  - The port the Snare Reflector web UI operates on.
  • Web UI HTTPS Certificate - This certificate will be used for HTTPS Snare Reflector Web UI interactions.
  • TLS Listener Certificate - This certificate will be used for TLS client interactions.
  • Event Cache Memory Size - This is the total memory size in MB used by the RAM-based event cache. Once the cache is full, the Snare Reflector will store incoming events on disk. Once the disk cache is full, Snare Reflector may start dropping incoming events.
  • Disk Cache Folder - This is the folder location of the disk cache. Disk cache files are written to this folder location.  This location can be changed entering a new folder location. If the folder location does not exist, then Snare Reflector will revert to the last known good folder location.For performance and security reasons it is recommended that the disk cache be used only on NTFS formatted drives, rather than FAT32. 
  • Disk Cache File Size - This is the maximum size in MB of the file used by the disk cache to store events.
  • Disk Cache Email Alert Threshold - Set this to send an email alert if the disk cache fills to this volume as a percentage of total capacity.  A value of 0 indicates no alerts will be sent. 
  • Setup Wizard - The setup wizard helps you walk through initial steps to get Snare Reflector up and running.   Selecting Restart Wizard will cause the Wizard to restart. 

To save and set the changes to the above settings, and to ensure the Reflector service has received the new configuration, perform the following:

  1. Click on Update to save any changes to the registry.

  2. Click on the Restart Snare Reflector button at the top of the screen.

 

Note
titleNote

Any changes to the "Disk Cache Folder", "Disk Cache File Size" or "Event Cache Size" will result in the loss of any events currently stored on the disk cache. Please ensure that the reflector is quiet if these settings need to be changed while in operation.   Additionally any disk I/O errors during normal operation or on loading after a restart may also result in loss of any events currently stored on the disk cache if the reflector can not process the cache file.

License

This page details the licensing information for the Snare Reflector and includes:

  • The Key IDs for your local host, where the Snare Reflector is installed

  • The active licenses registered to your organization

  • The ability to add a license.  To add a license, paste your license text into the shaded area and click Add.  This will activate a license for the Reflector, without needing to restart the Reflector service.

In order to license Snare Reflector you will need to submit your Key IDs via the Snare License and Download Manager (SLDM) web site https://customer.intersectalliance.com using your login credentials, and add that license to the Reflector.

1.png

Destinations

Setting a destination point is described above.

Listeners

This page displays the ports and protocols on which the Snare Reflector is listening for incoming events.  The Snare Reflector Listeners cannot be modified at this point in time.

Alerts

The Snare Reflector can be configured to notify someone whenever the disk cache reaches a specified capacity. 

...

You can test the configuration by clicking Send a test email (ensure your changes are applied before attempting to send the test email).

My Account

The current user information for Snare Reflector is displayed, with the ability to update the password.

1.png

Passwords must comply with the following criteria:

  • Meet at least 3 out of the following 4 complexity rules:

    • At least 1 uppercase character (A-Z)

    • At least 1 lowercase character (a-z)

    • At least 1 digit (0-9)

    • At least 1 special character (punctuation)

  • At least 10 characters

  • At most 128 characters

  • Not more than 2 identical characters in a row (e.g. 111 not allowed)

About

Basic information about the Snare Reflector is displayed here including version information, build id, and the length of time Snare Reflector is online. The server and client times are important to ensure there is not any time drift of more than ten seconds, as it may prevent logging into the Reflector.

All packages that Snare Reflector requires are also listed with their licensing information.

1.png

Help

The help page describes information relating to configuring the Destinations as described in this document.