Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 Administration Manual page 42

Strm administration guide
Hide thumbs Also See for SECURITY THREAT RESPONSE MANAGER 2008.2:
Table of Contents

Advertisement

34
S
U
STRM
ETTING
P
Table 3-3 STRM Settings Parameters (continued)
Parameter
Event Log Hashing
Hashing Algorithm
Sentry Settings
Alert Directory
Default Sentry Scripts
List of Sentry Scripts
Sentry Properties
Sentry Response Queue
STRM Administration Guide
Description
Enables or disables the ability for STRM to store a hash
file for every stored event log file. The default is No.
You can use a hashing algorithm for database storage
and encryption. You can use one of the following hashing
algorithms:
Message-Digest Hash Algorithm - Transforms digital
signatures into shorter values called Message-Digests
(MD).
Secure Hash Algorithm (SHA) Hash Algorithm -
Standard algorithm that creates a larger (60 bit) MD.
Specify the log hashing algorithm you wish to use for your
deployment. The options are:
MD2 - Algorithm defined by RFC 1319.
MD5 - Algorithm defined by RFC 1321.
SHA-1 - Default. Algorithm defined by Secure Hash
Standard, NIST FIPS 180-1.
SHA-256 - Algorithm defined by the draft Federal
Information Processing Standard 180-2, Secure
Hashing Standard (SHS). SHA-256 is a 256 bit hash
algorithm intended for 128 bits of security against
security attacks.
SHA-384 - Algorithm defined by the draft Federal
Information Processing Standard 180-2, Secure
Hashing Standard (SHS). SHA-384 is a bit hash
algorithm is provided by truncating the SHA-512
output.
SHA-512 - Algorithm defined by the draft Federal
Information Processing Standard 180-2, Secure
Hashing Standard (SHS). SHA-512 is a bit hash
algorithm intended to provide 256 bits of security.
Specify the location you wish to store active alerts for
each user. The default is /store/sentry/alerts.
Specify the default sentry scripts you wish to execute. The
default is /opt/qradar/triggerbin/system.js
Specify the sentry scripts you wish to execute, in the
order of execution. Separate each entry with a comma.
The default is
system.js,activity_anomaly.js,learn_policy.js,threshold.js,
behavioral.js, system.js.
Specify the sentry properties location. The default is
/store/sentry/persistent_properties.xml
Specify the sentry response queue file. The default is
/store/sentry/response_queue.xml.

Advertisement

Table of Contents
loading

Table of Contents