Setting

Description

SplunkLookupFilesDir

Path to the directory in which the converted CSV files are placed that contains indicators from Kaspersky Threat Data Feeds. It can be an absolute or relative path. If a relative path is specified, it is calculated relative to the directory in which the kl_feed_for_splunk.py file is located.

workDir

Temporary directory used by the kl_feed_for_splunk.py utility. It can be an absolute or relative path. If a relative path is specified, it is calculated relative to the directory in which the kl_feed_for_splunk.py file is located.

IPRecordCount

Number of records downloaded from IP Reputation Data Feed. Indicators from these records are stored in the CSV file.

You can specify 0 or any positive number. If you specify 0, the number of records to download is unlimited.

UrlRecordCount

Number of records downloaded from every feed that contains URLs, domains, or hosts. Indicators from these records are stored in the CSV files.

You can specify 0 or any positive number. If you specify 0, the number of records to download is unlimited.

HashRecordCount

Number of records downloaded from every feed that contains hashes. Indicators from these records are stored in the CSV files.

You can specify 0 or any positive number. If you specify 0, the number of records to download is unlimited.

proxySettings

Setting for connection with the proxy server. This setting is encrypted.

logsDir

Path to the directory to which the kl_feed_for_splunk.py utility writes log files. It can be an absolute or relative path. If a relative path is specified, it is calculated relative to the directory in which the kl_feed_for_splunk.py file is located.

If this setting is empty, logging is turned off.