Edit Your Broker VM Configuration
From the Cortex XDR management console you can edit the
configuration of any broker VM as needed.
After configuring and registering your broker VM, select
Settings > Configurations > Data Broker > Broker VMs to
edit existing configurations and define additional settings.
- In the Broker VMs table, locate your broker VM, right-click and select Broker Management > Configure. If the broker VM is disconnected, you can only View the configurations.
- In the Broker VM Configurations window, define the following settings:
- (Requires Broker VM 8.0 and later) Device Name.
  - Device Name—Change your broker VM device name by selecting the pencil icon. The new name will appear in the Broker VMs table.
  - FQDN—Set your Broker VM FQDN as it will be defined in your Domain Name System (DNS). This enables connection between the WEF and WEC, acting as the subscription manager. The Broker VM FQDN settings affect the WEC and Agent Installer and Content Caching.
- (Requires Broker VM 8.0 and later) (Optional) Internal Network: Specify a network subnet to avoid the broker VM dockers colliding with your internal network. By default, the Network Subnet is set to 172.17.0.1/16. Internal IP must be:
  - Formatted as prefix/mask, for example 192.0.2.1/24.
  - Must be within /8 to /24 range.
  - Cannot be configured to end with a zero.
  For Broker VM version 9.0 and lower, Cortex XDR will accept only 172.17.0.0/16.
- Auto Upgrade: Enable or Disable automatic upgrade of the broker VM. By default, auto upgrade is enabled at Anytime for all 7 days of the week, but you can also set the Days in Week and Specific time for the automatic upgrades. If you disable auto-upgrade, new features and improvements will require manual upgrade.
- Monitoring: Enable or Disable local monitoring of the broker VM usage statistics in Prometheus metrics format, allowing you to tap in and export data by navigating to http://<broker_vm_address>:9100/metrics/. By default, monitoring your broker VM is disabled.
- (Optional) SSH Access
  - (For Broker VM 7.4.5 and earlier) Enable/Disable ssh: Palo Alto Networks support team SSH access by using a Cortex XDR token. Enabling allows Palo Alto Networks support team to connect to the broker VM remotely, not the customer, with the generated password. If you use SSL decryption in your firewalls, you need to add a trusted self-signed CA certificate on the broker VM to prevent any difficulties with SSL decryption. For example, when configuring Palo Alto Networks NGFW to decrypt SSL using a self-signed certificate, you need to ensure the broker VM can validate a self-signed CA by uploading the cert_ssl-decrypt.crt file on the broker VM. Make sure you save the password before closing the window. The only way to re-generate a password is to disable ssh and re-enable.
  - (Requires Broker VM 14.0.42 and later) Customize the login banner displayed when logging into SSH sessions on the broker VM: in the Welcome Message field, overwrite the default welcome message with a new one. When the field is empty, the default message is used.
- Broker UI Password: Reset your current Broker VM Web UI password. Define and Confirm your new password. Password must be at least 8 characters.
- (Requires Broker VM 10.1.9 and later) (Optional) In the SSL Server Certificate section, upload your signed server certificate and key to establish a validated secure SSL connection between your endpoints and the broker VM. When you configure the server certificate and the key files in the tenant UI, Cortex XDR automatically updates them in the Broker VM UI, even when the Broker VM UI is disabled. Cortex XDR validates that the certificate and key match, but does not validate the Certificate Authority (CA).
- Save your changes.
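
An added example, not part of the Cortex XDR documentation: a Python pre-check for a candidate Network Subnet value that applies the three Internal Network format rules listed above and also tests for overlap with your own internal ranges, which is the collision the setting exists to avoid. The function name and the `INTERNAL_NETWORKS` list are constructed for illustration, the "end with a zero" rule is interpreted as a non-zero last octet, and the exception for Broker VM 9.0 and lower is not modeled.

```python
import ipaddress

# Constructed sample of internal ranges (assumption); replace with your address plan.
INTERNAL_NETWORKS = ["10.0.0.0/8", "172.17.0.0/16", "192.168.10.0/24"]


def check_broker_subnet(value, internal_networks=INTERNAL_NETWORKS):
    """Return a list of problems with a candidate Network Subnet value.

    An empty list means the value meets the three format rules from the page
    and overlaps none of the supplied internal networks.
    """
    addr, sep, mask = value.partition("/")
    if not sep or not mask.isdigit():
        return ["not formatted as prefix/mask"]
    try:
        # IPv4Interface keeps the host part, matching values like 172.17.0.1/16.
        iface = ipaddress.IPv4Interface(value)
    except ValueError as exc:
        return [f"not a valid IPv4 prefix/mask: {exc}"]

    problems = []
    if not 8 <= iface.network.prefixlen <= 24:
        problems.append("mask must be within /8 to /24")
    # Assumption: "cannot end with a zero" means the last octet must not be 0.
    if iface.ip.packed[-1] == 0:
        problems.append("address must not end with a zero")
    # The purpose of the setting: the docker subnet must not collide with
    # networks the broker VM has to reach.
    for net in internal_networks:
        if iface.network.overlaps(ipaddress.IPv4Network(net)):
            problems.append(f"overlaps internal network {net}")
    return problems


if __name__ == "__main__":
    # Constructed candidates, including the page's default and its format example.
    for candidate in ["172.17.0.1/16", "192.0.2.1/24", "10.1.0.0/28", "172.17.0.1"]:
        print(candidate, "->", check_broker_subnet(candidate) or "ok")
```

With the sample list, the default 172.17.0.1/16 is reported as overlapping because 172.17.0.0/16 is marked as in use internally, which is the situation in which the default needs to be changed.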