Targets are represented as green rectangles on the Pipeline Canvas.
A Pipeline must have at least one Target. Once a Pipeline is initially created, it will have a single, undefined Target. A single Pipeline can be used to forward data to multiple Targets which can be of the same type (e.g. different Splunk indexes) or different types (e.g. QRadar and Splunk) as required.
- Click the undefined Target box, which is added to the Pipeline by default when it is created.
- Click the icon next to the Source or Process and select Add Target to add an additional Target to the Pipeline Canvas.
When you select an undefined Target or add a new Target, you will be presented a list of all available Target types. Some may be disabled as your license determines the Targets you can select.
For example, consider the situation where you have a license to send z/OS data to Splunk. If you have not yet defined a Source, all Target types will be available, as Mimix HealthLink data can always be sent from an IBM i platform to any destination without a license. If you define the Source as coming from z/OS, then only the HTTP[S] Target will be selectable. Your license only permits you to send the data from z/OS to Splunk by using an HTTP[S] Target.
After selecting the Target type, a configuration panel will be displayed at the bottom of the screen for the entry of details such as name, IP address(es), credentials, and so on.
When a new Target is created, it is automatically added to the Canvas and linked to the Source or Process.
If you want to change the configuration details of a previously configured Target, click into the appropriate Target Box on the Canvas to display the Target Configuration Panel.
Datadog Log/Datadog Metric
- Click anywhere in the Undefined Target box to configure the Target.
- In the Add Target tab, click either Datadog Log or Datadog Metric, depending on the type of data that is being forwarded.Note: Log data contains JSON key or value pairs that contain text strings, numbers, and dates. Metric data only contains numbers with optional key fields.
- Complete the fields in both the General and HTTPS tabs of the Datadog Log Target Configuration panel.Note: There is a relationship between the Site field on the General tab and the URL field on the HTTP[S] tab. Essentially the Site field is a drop-down of all current Datadog sites and the selected site defines the URL where data is forwarded to. In the event that Datadog add further sites in-between Hub releases, the URL field is editable to ensure that data can get to your required destination.
Datadog Log
Field | Description |
Name | Provide a name for the Datadog Log Target. It must be unique within this instance of the Hub. The character limit is from 1 to 50. |
Description | Provide a description of the Target or any other useful information in a maximum of 200 characters. This is an optional field. |
Site | Select from this drop-down the location of your Datadog system. Your Datadog administrator will be able to provide you this information. |
API key | This is a string of characters that authenticates your connection from the Hub to Datadog. It is a 32-character string made up of the lowercase letters a-f and the numbers 0-9. Your Datadog administrator will be able to provide you this information. |
Field | Description |
URL | This field is automatically generated to incorporate the Site selection you made. If Datadog provides a new site that is not listed in the drop-down, you can overtype parts of this URL, but the string must end as follows:
Make sure the leading period character. |
Verb | For Datadog, this is set to POST and cannot be changed. |
Initial Timeout | This is the duration that the Hub will attempt to make a connection to Datadog. |
Retry | If a connection to a URL fails, the Hub waits for the initial timeout and then will retry the connection based on the drop-down. By default, No Retry is selected. |
Datadog Metric
Field | Description |
Name | Provide a name for the Datadog Log Target. It must be unique within this instance of the Hub. The character limit is from 1 to 50. |
Description | Provide a description of the Target or any other useful information in a maximum of 200 characters. This is an optional field. |
Site | Select a location for your Datadog system from the drop-down. Your Datadog administrator will be able to provide you this information. |
API key | This is a string of characters that authenticates your connection from the Hub to Datadog. It is a 32-character string made up of the lowercase letters a-f and the numbers 0-9. Your Datadog administrator will be able to provide you this information. |
Keys |
This is a list of JSON keys that you want to associate with metrics of a given date and time. Datadog metrics are just numbers. To have one or more names of items to which these numbers “belong”, you need to specify their names using this input box. Example of two simple JSON records:
If you wanted the COST, SIZE, and AVAILABLE metrics to be associated with the product names, you would enter the key name for these fields, which is PRODUCT A key hierarchy can be created by entering multiple key names. To do this, enter the first (highest level) name and click Enter, then repeat for the lower level keys. For this example data, if you wanted metrics associated with a key of VENDOR and under that of PRODUCT you would enter:
|
Field | Description |
URL | This field is automatically generated to incorporate the Site selection you made. If Datadog provides a new site that is not listed in the drop-down, you can overtype parts of this URL, but the string must end as follows:
Make sure the leading period character. |
Verb | For Datadog, this is set to POST and cannot be changed. |
Initial Timeout | This is the duration that the Hub will attempt to make a connection to Datadog. |
Retry | If a connection to a URL fails, the Hub waits for the initial timeout and then will retry the connection based on the drop-down. By default, No Retry is selected. |
File
The File Target configuration panel has two tabs: General and File Management. The General tab contains important information required to configure a File Target. The File Management tab can be treated as an advanced setting for the Target configuration.
- Click anywhere in the Untitled Target box to configure the Target.
- In the Add Target tab, click File.
- Complete the fields for the General tab in the bottom panel of the canvas.Note: The file name generated by the Hub is path + hostname + file identifier + datetime + file extension. The total length of the generated name must not exceed 260 characters for a Windows system or 4096 for a Linux system.
Field Description Name Provide a name for the File Target. It must be unique within this instance of the Hub. The character limit is from 1 to 50. Description Provide a description of the Target or any other useful information in a maximum of 200 characters. This is an optional field. Path Set the location where files will be written. You must enter a path in the style expected for the operating system (Windows or Linux). File identifier The name of a file as written by the Hub is made up of path(\ or /)hostname-fileid-datetime.extension
. This field sets the fileid part of the name.File extension The name of a file as written by the Hub is made up of path(\ or /)hostname-fileid-datetime.extension
. This field sets the extension part of the name. - Click the File Management tab and complete the fields.
Field | Description |
Roll files larger than… MB | If you select this checkbox, data files will become larger than this value, and a new file will be started with the current date and time in its name. This is called “file rolling”. |
Roll yesterday’s file at this hour | If you select this checkbox, you can pick an hour of the day to check the age of files. When a file created “yesterday” before this hour, it will be rolled and a new file started with the current date and time in its name. |
Delete rolled files to only keep… files | If you select this checkbox, when the number of rolled files exceeds this number, the excess files will be deleted. |
Delete rolled files after… days | If you select this checkbox, when a rolled file is older than this number of days, it will be deleted. |
Google Security Operations
Google Security Operations is a cloud-based service built on Google’s infrastructure for enterprises to capture, search, and analyze security and network telemetry.
- Click on the Untitled Target to configure the Target.
- In the Add Target tab, click Google Security Operations.
- Complete the fields in the Edit Google Security Operations Target Configuration panel.
Field Description URL This is the API endpoint URL. The URL must end with googleapis.com
and be preceded with theregion-specific
sub-domain name. These URLs are listed on Google's Security Operations Ingestion API documentation web page.Customer ID This is a unique identifier (UUID) corresponding to a particular Google Security Operations instance, which is assigned by your Google Security Operations representative. Ingestion API Key The JSON file which is uploaded from the UI and contains the OAuth credentials that allow access to Google Cloud. This Ingestion API Key JSON file can be downloaded from the Google Cloud Credentials page. Authorization Scope The authorization scope determines the level of access that is being requested during authentication.Note: The default value of https://www.googleapis.com/auth/malachite-ingestion will request sufficient privileges to send data to Google Security Operations ingestion endpoint. The field must contain the stringmalachite
.Initial Timeout Number of seconds to wait for the initial response. The default time is 60 seconds. Retry Interval If a connection to a URL fails, the Hub waits for the initial timeout and then will retry the connection based on the drop-down. By default, No Retry is selected.
HTTP[S]
The HTTP[S] Target configuration panel has two tabs: General and Headers. The General tab contains important information required to configure an HTTP[S] Target. The Headers tab can be treated as an advanced setting for the Target configuration.
- Click anywhere in the Untitled Target box to configure the Target.
- In the Add Target tab, click HTTP[S].
- Complete these fields for the General tab in the bottom panel of the canvas:
Field Description Target name Specify the name of the Target. The character limit is from 1 to 50. Description Provide a short description of the Target. This will be visible on the canvas. The character limit is 200. URL Enter the API endpoint URL. Note: The specified URL will be validated in accordance with the licenses in place. For example, if you only have a Splunk license, then the URL will be validated to ensure that it is referencing a Splunk address, similarly, if you only have a DataDog or BigPanda license, then the URL will be validated to ensure that the correct destination is specified.Verb or Method Send data to an external URL via an HTTP POST or GET request. POST is selected by default. Initial Timeout Number of seconds to wait for the initial response. The default time is 60 seconds. Retry Interval If a connection to an URL fails, the Hub waits for the initial timeout, then will retry the connection based on the drop-down. By default, No Retry is selected. - Add any necessary Headers on the Headers tab of the HTTP[S] Target configuration panel. An example of a Header might be the need to set a content type as follows:
Content-Type: application/json
- Here you can use the New Header button, enter a key of Content-Type without the trailing ':' character as this is added automatically, and then enter application/json as the value. You can enter a key without a value, and you can enter multiple Header keys.
If you need a Header key or value pair to be secure because it contains sensitive information, you can use the New Secure Header button. The key remains visible in the UI, but any data entered into the value field is obfuscated as you type and encrypted when saved in the configuration file. It is only decrypted when it is used in a connection to the Target URL. If you create a Secure Header, you must enter a value. You can enter multiple keys with the same value.
IBM QRadar
The IBM QRadar configuration panel allows you to configure a Target to send SYSLOG data directly to the QRadar SIEM for analysis and alerting.
- Click anywhere in the Untitled Target box to configure the Target.
- In the Add Target tab, click IBM QRadar.
- Complete the fields in the Edit IBM QRadar Target Configuration panel.
Field Description Name Provide a name for IBM QRadar Target. It must be unique within this instance of the Hub. The character limit is from 1 to 50. Description Provide a description of this Target or any other useful information in a maximum of 200 characters. Hostname or IP address Enter the DNS name or address (IPv4 or Ipv6) of the system to which the Hub will connect. Port Set the port number to use with IBM QRadar. The default for a HEC connection is 514. Retry Interval Select from the following options:
- No Retry: This is the default option. If selected, it indicates that if a connection cannot be established, the Pipeline will shut down and no data will be forwarded to the Target.
- Retry for One Hour: If this option is selected, the Hub will keep trying to establish a connection at progressively longer and longer intervals until either a connection is established, or an hour has passes since the initial attempt. In the latter situation, the Pipeline will then be shut down and no data will be forwarded to the Target.
- Continuous Retry: If this option is selected, the Hub will keep trying to establish a connection at progressively longer and longer intervals until either a connection is established, or the Pipeline is stopped, or the Hub Service shut down.
Note: The interval between retry attempts will peak at 5 minutes, at which point it will retry every 5 minutes until stopped.Initial Timeout This is the maximum number of seconds that the Hub will wait for an initial response from IBM QRadar. If no response is received, then the subsequent action will be determined by the selected Retry Interval. I/O Timeout This is the maximum number of seconds that a connection will remain open if there is no activity. The default timeout is 180 seconds, so if no data is sent during this time, the connection will be shut down. Keep Alive This checkbox enables the Hub to prevent a connection from closing when no data is flowing. When checked, a control will appear for you to set a keepalive time in seconds. This should be lower than the I/O timeout setting. Enable TLS Encryption This checkbox allows you to enable or disable TLS. The minimum level of TLS supported is 1.2. Bypass Server Certificate Validation This checkbox allows for the use of a self-signed certificate. If set it will not check the signature of the server's certificate. Note: This checkbox is only enabled if the Enable TLS Encryption option is selected.Certificate Authority The Certificate Authority is used to authenticate the server. Drag the required file onto the Certificate Authority, or use the Choose button to navigate to the file.
The selected file can be of any type and it must not be more than 1000000 bytes in size.
Once the required file is specified, it will be checked to see if it is valid, and any appropriate error messages will be displayed.
To replace the selected file, drag another file or click the Choose button.
You can only specify one file. Once the Target is saved or you navigate away from the Configuration panel, the file details will not visible, but the control will indicate that a valid file has been specified.
Note: This option is only enabled if the Enable TLS Encryption option is selected and the Bypass Server Certificate Validation option is unselected.Client Certificate The Client Certificate is used to verify the identity of the client with the server. Drag the required file onto the Client Certificate, or use the Choose button to navigate to the file.
The selected file can be of any type and it must not be more than 1000000 bytes in size.
Once the required file is specified, it will be checked to see if it is valid, and any appropriate error messages will be displayed.
To replace the selected file, drag another file or click the Choose button.
You can only specify one file. Once the Target is saved or you navigate away from the Configuration panel, the file details will not visible, but the control will indicate that a valid file has been specified.
Note: This option is only enabled if the Enable TLS Encryption option is selected.Client Key The Client Key is used to verify the identity of the client with the server. Drag the required file onto the Client Key, or use the Choose button to navigate to the file.
The selected file can be of any type and it must not be more than 1000000 bytes in size.
Once the required file is specified, it will be checked to see if it is valid, and any appropriate error messages will be displayed.
To replace the selected file, drag another file or click the Choose button.
You can only specify one file. Once the Target is saved or you navigate away from the Configuration panel, the file details will not visible, but the control will indicate that a valid file has been specified.
Note: This option is only enabled if the Enable TLS Encryption option is selected.
Kafka
The Kafka configuration panel allows you to configure a Target to send data into Kafka.
- Click on the Untitled Target box to configure the Target.
- In the Add Target tab, click Kafka.
- Complete the fields in the Edit Kafka Target Configuration panel.
Field Description Name The name of the Target. The character limit is 1 to 50. Description An optional description of the Target. The character limit is 1 to 200. Topic The name of the Kafka topic into which data will be inserted, with a maximum length of 249 characters. Only the following characters are permitted in a topic name: - Letters
- Numbers
- Periods
- Underscores
- Hyphens
Maximum Cache Size The maximum amount of data to hold in memory if a connection to a Kafka Target drops. When the Target becomes available again, the data in the cache will be transmitted, avoiding data loss. If the cache fills before the connection is re-established, the oldest data is progressively discarded.
The minimum value you can set is 8 MB, and the maximum is 4096 MB.
Retry Interval If a connection to the Kafka Target fails, the Hub will attempt a reconnection based on this drop-down. The default value is No Retry. Enable TLS Encryption Indicate if TLS encryption is to be implemented for the connection between Hub and the Kafka Broker. PKCS #12 File Path The path to a file containing the PKCS #12 archive for TLS to use.
This must be a valid path for the operating system holding the file. The file does not need to exist for you to be able to save a Pipeline, but it must be present to run it.
PKCS #12 Password The password associated with the PKCS #12 archive.
Requires a minimum of 6 characters and a maximum of 255.
Brokers See the table below.
A Kafka Target must have one or more Brokers associated with it. Each Broker must have a unique combination of hostname or port, and at least one must be enabled.
Field | Description |
---|---|
Hostname | The hostname of the Broker. Must be a valid hostname. |
Port | The port number for the Broker. For a non-TLS connection, the default is 9092 and for a TLS connection, it is 9093. You may set any value from 0 to 65535. |
Enable/Disable | Allow or disallow the sending of data to this Broker. This is useful if a Broker is unavailable but you do not wish to remove it from the Target. |
Microsoft Sentinel
Microsoft Sentinel is a cloud-native security information and event management (SIEM) platform that uses built-in AI to help analyze large volumes of data across an enterprise. Ironstream Hub makes it easy to make mainframe and IBM i data available for such analysis.
- Click anywhere in the Untitled Target box to configure the Target.
- In the Add Target tab, click Microsoft Sentinel.
- Complete the fields in the General tab in the Edit Microsoft Sentinel Target Configuration panel.
Field Description Name Provide a name for this Sentinel Target. It must be unique within this instance of the Hub. The character limit is from 1 to 50. Description Provide a description of this Target or any other useful information in a maximum of 200 characters. This is an optional field. Application ID This is a string of 32 characters representing an application defined in Azure. This application is associated with a set of Data Collection Rules (DCR) and a Data Collection Endpoint (DCE). It allows authentication of your connection to take place and ensures that an unauthorized user cannot send data to your instance of Sentinel. Your Azure administrator will be able to tell you the application ID, which can be found in the Azure App registrations page.
Directory ID This is a string of 32 characters that identifies the instance of the Azure Active Directory that is being used for authentication. Your Azure administrator will be able to tell you this information, which can be found in the Azure App registrations page.
Rule ID A Data Collection Rule (DCR) defines a set of transforms on the data as well as which tables may receive the data. In the case of Ironstream Hub, all the data is inserted into a single dynamic column of one particular table. The value needed here is the Immutable ID of the DCR that relates to this table.
It is a string that starts with
dcr-
followed by 32 characters, e.g.dcr-4fbfca38487647ed8dfedef124634bf6
Your Azure administrator will be able to provide you this information.
Stream Name This is the name of the table in Sentinel into which the data is sent. Your Azure administrator will be able to set this up and inform you of its name.
URL Prefix A Data Collection Endpoint (DCE) must be set up in Azure to receive data sent from the Hub. This will have a URL specific to your company, and this field should contain the first part of the URL for this endpoint. Your Azure administrator will be able to provide you this information.
What you enter here will be used to create the URL, which is as follows:
https://<URL Prefix>.<Region>.ingest.monitor.azure.com
You can view the full URL generated by the Hub in the HTTP[S] tab.
Region This is the location where the Azure instance is hosted. Your Azure administrator will be able to provide you this information.
For example, centralus-1 or centralindia-1.
What you enter here will be used to create the URL, which is as follows:
https://<URL Prefix>.<Region>.ingest.monitor.azure.com
You can view the full URL generated by the Hub in the HTTP[S] tab.
- Review and update the fields in the HTTPS tab in the Edit Microsoft Sentinel Target Configuration panel as necessary.
Field Description URL This is a read-only field that will contain information entered on the General tab, such as the URL prefix and Region. Retry Interval Select from the following options:
- No Retry: This is the default option. If selected, it indicates that if a connection cannot be established, the Pipeline will shut down and no data will be forwarded to the Target.
- Retry for One Hour: If this option is selected, the Hub will keep trying to establish a connection at progressively longer and longer intervals until either a connection is established, or an hour has passes since the initial attempt. In the latter situation, the Pipeline will then be shut down and no data will be forwarded to the Target.
- Continuous Retry: If this option is selected, the Hub will keep trying to establish a connection at progressively longer and longer intervals until either a connection is established, or the Pipeline is stopped, or the Hub service shuts down.
Note: The interval between retry attempts will peak at 5 minutes, at which point it will retry every 5 minutes until stopped.
Splunk
Splunk is a big data platform that enables organizations to search, analyse, and visualise machine-generated. Ironstream Hub makes it easy to make mainframe and IBM i data available for such analysis.
- Click on the Untitled Target box to configure the Target.
- In the Add Target tab, click Splunk.
- In the Connection Type tab, select the connection type, that determines how data will be forwarded to Splunk. This could be either:
- HTTPS: Select this option if you want to send data directly to Splunk via a secure HTTPS connection.
- TCP/IP: Select this option if you want to send data directly to Splunk via a TCP/IP connection. Note: If required, the connection can be secured using TLS.
-
Complete the fields required to define the Target. These will change depending on the connection type selected.
Splunk Target via HTTPS : -
Complete the fields in the General tab in the Edit Splunk Target Configuration panel.
Field Description Name Provide a name for Splunk Target. It must be unique within this instance of the Hub. The character limit is from 1 to 50. Description Provide a description of this Target or any other useful information in a maximum of 200 characters. This is an optional field. Hostname or IP address Enter the DNS name or address (IPv4 or Ipv6) of the Splunk system to which the Hub will connect. Port Set the port number to use with Splunk. The default for a HEC connection is 8088. HEC Token This is a mandatory string that identifies this connection as for a specific HTTP Event Collector (HEC). It is a 32-character string made up of the characters 0 - 9 and a - f (in lower case) only. When a HEC is created in Splunk, the token is automatically generated.
Your Splunk administrator will be able to provide you this information.Index This is an optional field that you can set to override the default index defined for the HEC connection. According to Splunk rules, this field: - Must only contain lowercase letters, digits, underscores, and hyphens.
- Cannot begin with an underscore or a hyphen.
- Must not contain the string ‘kvstore’.
Source This optional field allows you to set the content of the 'source' property for your data inside Splunk. If needed, your Splunk administrator will be able to provide you this information.
Source Type This optional field allows you to set the content of the ‘sourcetype’ property for your data inside Splunk. A sourcetype specifies Splunk how incoming data is formatted and how to deal with certain conditions.
Ironstream Hub sends data in JSON form.
If needed, your Splunk administrator will be able to provide you this information.Enable TLS encryption If you select this checkbox, data transferred between the Hub and your Splunk server will be encrypted. -
Review and update the fields in the HTTPS tab as necessary.
Field Description URL This is a read-only field that will contain information entered on the General tab, such as the Hostname or IP Address, Port, TLS plus any additional Index, Source and Source Type information. Verb or Method This is a read-only field that is set to 'POST' as you are sending data to the Splunk endpoint. Initial Timeout This is the maximum number of seconds that the Hub will wait for an initial response from Splunk. If no response is received, then the subsequent action will be determined by the selected Retry Interval. Retry Interval Select from the following options:
- No Retry: This is the default option. If selected, it indicates that if a connection cannot be established, the Pipeline will shut down and no data will be forwarded to the Target.
- Retry for One Hour: If this option is selected, the Hub will keep trying to establish a connection at progressively longer and longer intervals until either a connection is established, or an hour has passes since the initial attempt. In the latter situation, the Pipeline will then be shut down and no data will be forwarded to the Target.
- Continuous Retry: If this option is selected, the Hub will keep trying to establish a connection at progressively longer and longer intervals until either a connection is established, or the Pipeline is stopped, or the Hub service shut down.
Note: The interval between retry attempts will peak at 5 minutes, at which point it will retry every 5 minutes until stopped.Splunk Target Via TCP/IP:Note: This feature is applicable only in v1.3.10 or later versions. - Complete the fields in the General tab in the Edit Splunk Target Configuration panel.
Field Description Name Provide a name for Splunk Target. It must be unique within this instance of the Hub. The character limit is from 1 to 50. Description Provide a description of this Target or any other useful information in a maximum of 200 characters. Index This is an optional field that you can set to override the default index. According to Splunk rules, this field must only contain lowercase letters, digits, underscores, and hyphens. It cannot begin with an underscore or a hyphen, and it must not include the string 'kvstore'. If needed, your Splunk administrator will be able to provide you this information. Source This optional field allows you to set the content of the ‘source’ property for your data inside Splunk. If needed, your Splunk administrator will be able to provide you this information. Source Type This optional field allows you to set the content of the ‘sourcetype’ property for your data inside Splunk. If needed, your Splunk administrator will be able to provide you this information. - Review and update the fields in the TCP/IP tab as necessary.
Field Description Hostname or IP address Enter the DNS name or address (IPv4 or Ipv6) of the Splunk system to which the Hub will connect. Port Set the port number to use with Splunk. The default for a HEC connection is 8088. Retry Interval Select from the following options:
- No Retry: This is the default option. If selected, it indicates that if a connection cannot be established, the Pipeline will shut down and no data will be forwarded to the Target.
- Retry for One Hour: If this option is selected, the Hub will keep trying to establish a connection at progressively longer and longer intervals until either a connection is established, or an hour has passes since the initial attempt. In the latter situation, the Pipeline will then be shut down and no data will be forwarded to the Target.
- Continuous Retry: If this option is selected, the Hub will keep trying to establish a connection at progressively longer and longer intervals until either a connection is established, or the Pipeline is stopped, or the Hub Service shut down.
Note: The interval between retry attempts will peak at 5 minutes, at which point it will retry every 5 minutes until stopped.Initial Timeout This is the maximum number of seconds that the Hub will wait for an initial response from Splunk. If no response is received, then the subsequent action will be determined by the selected Retry Interval. I/O Timeout This is the maximum number of seconds that a connection will remain open if there is no activity. The default timeout is 180 seconds, so if no data is sent during this time, the connection will be shut down. Keep Alive This checkbox enables the Hub to prevent a connection from closing when no data is flowing. When checked, a control will appear for you to set a keepalive time in seconds. This should be lower than the I/O timeout setting. Enable TLS Encryption This checkbox allows you to enable or disable TLS. The minimum level of TLS supported is 1.2. Bypass Server Certificate Validation This checkbox allows a self-signed certificate. It does not check the signature of the server's certificate. Note: This checkbox is only enabled if the Enable TLS Encryption option is selected.Certificate Authority The Certificate Authority is used to authenticate the server. Drag the required file onto the Certificate Authority, or use the Choose button to navigate to the file.
The selected file can be of any type and it must not be more than 1000000 bytes in size.
Once the required file is specified, it will be checked to see if it is valid, and any appropriate error messages will be displayed.
To replace the selected file, drag another file or click the Choose button.
You can only specify one file. Once the Target is saved or you navigate away from the Configuration panel, the file details will not visible, but the control will indicate that a valid file has been specified.
Note: This option is only enabled if the Enable TLS Encryption option is selected and the Bypass Server Certificate Validation option is unselected.Client Certificate The Client Certificate is used to verify the identity of the client with the server. Drag the required file onto the Client Certificate, or use the Choose button to navigate to the file.
The selected file can be of any type and it must not be more than 1000000 bytes in size.
Once the required file is specified, it will be checked to see if it is valid, and any appropriate error messages will be displayed.
To replace the selected file, drag another file or click the Choose button.
You can only specify one file. Once the Target is saved or you navigate away from the Configuration panel, the file details will not visible, but the control will indicate that a valid file has been specified.
Note: This option is only enabled if the Enable TLS Encryption option is selected.Client Key The Client Key is used to verify the identity of the client with the server. Drag the required file onto the Client Key, or use the Choose button to navigate to the file.
The selected file can be of any type and it must not be more than 1000000 bytes in size.
Once the required file is specified, it will be checked to see if it is valid, and any appropriate error messages will be displayed.
To replace the selected file, drag another file or click the Choose button.
You can only specify one file. Once the Target is saved or you navigate away from the Configuration panel, the file details will not visible, but the control will indicate that a valid file has been specified.
Note: This option is only enabled if the Enable TLS Encryption option is selected.
TCP/IP
The TCP/IP Target configuration panel allows you to configure a TCP/IP Target.
- Click anywhere in the Untitled Target box to configure the Target.
- Select TCP/IP from the Add Target panel.
- Complete the fields in the Edit TCP/IP Target Configuration panel.
Field Description Name Provide a name for TCP/IP Target. It must be unique within this instance of the Hub. The character limit is from 1 to 50. Description Provide a description of this Target or any other useful information in a maximum of 200 characters. Hostname or IP address Enter the DNS name or IP address (IPv4 or Ipv6) of the TCP/IP server to which the Hub will connect. Port Set the port number to use with TCP/IP server. Retry Interval Select from the following options:
- No Retry: This is the default option. If selected, it indicates that if a connection cannot be established, the Pipeline will shut down and no data will be forwarded to the Target.
- Retry for One Hour: If this option is selected, the Hub will keep trying to establish a connection at progressively longer and longer intervals until either a connection is established, or an hour has passes since the initial attempt. In the latter situation, the Pipeline will then be shut down and no data will be forwarded to the Target.
- Continuous Retry: If this option is selected, the Hub will keep trying to establish a connection at progressively longer and longer intervals until either a connection is established, or the Pipeline is stopped, or the Hub Service shut down.
Note: The interval between retry attempts will peak at 5 minutes, at which point it will retry every 5 minutes until stopped.Initial Timeout This is the maximum number of seconds that the Hub will wait for an initial response from TCP/IP. If no response is received, then the subsequent action will be determined by the selected Retry Interval. I/O Timeout This is the maximum number of seconds that a connection will remain open if there is no activity. The default timeout is 180 seconds, so if no data is sent during this time, the connection will be shut down. Keep Alive This checkbox enables the Hub to prevent a connection from closing when no data is flowing. When checked, a control will appear for you to set a keepalive time in seconds. This should be lower than the I/O timeout setting. Enable TLS Encryption This checkbox allows you to enable or disable TLS. The minimum level of TLS supported is 1.2. Bypass Server Certificate Validation This checkbox allows a self-signed certificate. It does not check the signature of the server's certificate. Note: This checkbox is only enabled if the Enable TLS Encryption option is selected.Certificate Authority The Certificate Authority is used to authenticate the server. Drag the required file onto the Certificate Authority, or use the Choose button to navigate to the file.
The selected file can be of any type and it must not be more than 1000000 bytes in size.
Once the required file is specified, it will be checked to see if it is valid, and any appropriate error messages will be displayed.
To replace the selected file, drag another file or click the Choose button.
You can only specify one file. Once the Target is saved or you navigate away from the Configuration panel, the file details will not visible, but the control will indicate that a valid file has been specified.
Note: This option is only enabled if the Enable TLS Encryption option is selected and the Bypass Server Certificate Validation option is unselected.Client Certificate The Client Certificate is used to verify the identity of the client with the server. Drag the required file onto the Client Certificate, or use the Choose button to navigate to the file.
The selected file can be of any type and it must not be more than 1000000 bytes in size.
Once the required file is specified, it will be checked to see if it is valid, and any appropriate error messages will be displayed.
To replace the selected file, drag another file or click the Choose button.
You can only specify one file. Once the Target is saved or you navigate away from the Configuration panel, the file details will not visible, but the control will indicate that a valid file has been specified.
Note: This option is only enabled if the Enable TLS Encryption option is selected.Client Key The Client Key is used to verify the identity of the client with the server. Drag the required file onto the Client Key, or use the Choose button to navigate to the file.
The selected file can be of any type and it must not be more than 1000000 bytes in size.
Once the required file is specified, it will be checked to see if it is valid, and any appropriate error messages will be displayed.
To replace the selected file, drag another file or click the Choose button.
You can only specify one file. Once the Target is saved or you navigate away from the Configuration panel, the file details will not visible, but the control will indicate that a valid file has been specified.
Note: This option is only enabled if the Enable TLS Encryption option is selected.