PrivX settings examples
SCOPE | SECTION | SAMPLE |
---|---|---|
GLOBAL | audit | {"data_folder":"/var/privx/audit/","timeout_when_no_connmgr":5,"trail_expiry":7} |
GLOBAL | ldapconnections | {"enable_ldap_custom_root_certificates":false,"enable_ldap_system_roots_cert_pool":true,"insecure_skip_verify_tls":false,"ldap_connection_timeout":10,"ldap_retry_attempts":3,"ldap_root_ca_pem":""} |
GLOBAL | disclaimer | {"privx_disclaimer":"[]"} |
HOST-STORE | initial-host-service-options-ssh | {"exec":true,"file_transfer":true,"other":true,"shell":true,"tunnels":true,"x11":true} |
HOST-STORE | initial-host-service-options-web | {"audio":true,"clipboard":true,"file_transfer":true} |
HOST-STORE | initial-host-service-options-rdp | {"audio":true,"clipboard":true,"file_transfer":true} |
HOST-STORE | initial-host-service-options-vnc | {"clipboard":true,"file_transfer":true} |
HOST-STORE | host-house-keeping | {"host_housekeeping_run_interval":168,"hosts_deleted_age":168} |
HOST-STORE | health-check-options | {"service_health_check_max_requests_per_second":1,"service_health_check_max_workers":3,"service_health_check_wait":600,"service_health_checks_enabled":true} |
MONITOR-SERVICE | housekeeping | {"cache_db_expiry_interval":600,"data_retention_period":180,"housekeeping_interval":12,"status_check_interval":10,"system_health_check_interval":12} |
ROLE-STORE | scanning | {"first_host_scanning_delay":30,"first_role_scanning_delay":10,"host_scanning_frequency":300} |
ROLE-STORE | authorizedkeys | {"expired_purge_interval_hours":24,"max_validity_days":730,"min_rsa_key_size":2048,"supported_key_types":["ssh-rsa","ssh-ed25519"]} |
ROLE-STORE | ldap | {"attributes":"objectClass cn dn distinguishedName whenCreated whenChanged name userPrincipalName givenName company departmentNumber mail email mobile sAMAccountName uid memberOf entryDN displayName userAccountControl groupType servicePrincipalName objectCategory objectGUID objectSID","default_cache_ttl":900,"default_user_filter":"( |
ROLE-STORE | directory | {"blacklisted_host_tag_prefixes":["privx-","aws:","ssh-keys","windows-keys"]} |
ROLE-STORE | aws | {"assume_role_default_ttl":900,"default_region":"us-east-1","enable_assume_role":true,"enable_federated_tokens":true,"enabled":true,"federated_tokens_default_ttl":900,"max_aws_roles":1000} |
ROLE-STORE | caching | {"enable":true,"max_entries":100000,"rule_evaluation_cache_enabled":true,"sync_interval_seconds":60,"ttl":60,"type":"local","user_cache_refresh_ttl":60} |
TRAIL-INDEX | housekeeping | {"housekeeping_interval":30} |
TRAIL-INDEX | workers | {"no_of_workers":10} |
Updated about 3 years ago