Cb Response 6.2.2 Server Configuration (cb.conf) Guide

This document describes the contents of the cb.conf file, the primary configuration file for Cb Response, for version 6.2.2. By changing the values of parameters in cb.conf, you can change the behavior and performance of Cb Response.

Note: Before editing the cb.conf file, you should be familiar enough with the features and operation of Cb Response to decide when and whether to change its configuration. For details about using Cb Response, refer to the Cb Response User Guide for this version.

See the Comments section below for a brief summary of changes to this document since the previous edition.

Comments

The following changes have been made to the Cb Response Server Configuration (cb.conf) Guide for this release:

  • Added the setting MinionApiPort for specifying the master-minion communication port. This is not a new feature but was not documented in previous guides.  [CB-16951]
  • Added the following settings for enabling sensor throttling [CB-16949]:
    DatastoreReservationCountThrottlingEnabled
    DatastoreReservationCountThrottlingBufferPercent
    DatastoreMaxTimeToSubmitS
    DatastoreUseSensorUploadDynamicAveraging
    DatastoreSensorUploadInitialAverageKB
    DatastoreSensorUploadAverageTimeRangeS
    DatastoreSensorUploadAverageMinCount
  • Added the setting EventExclusionsEnabled, which enables a console feature that allows you to exclude collection of certain process events from macOS/OS X hosts based on the path of the parent process. This is not a new feature but was not documented in previous guides. [CB-17553, CB-17587]
  • Other minor corrections and improvements were made throughout.

The following changes have been made in the June 2018 version of this document:

  • Added missing BanningEnabled setting on p. 76.
  • Other minor corrections and edits.

A quick diff between the 6.2.2 cb.conf guide and the Cb-supplied cb.conf shows about 13 or so undocumented settings. In addition are the following that are more common and probably should be documented in this guide for consistency:

CurrentEventsSchema (used for advanced command line tokenization and is documented in the User Guide)

SessionTimeout (UI user timeout measured in seconds?)

Article Information
Creation Date: 05-15-2018