Configuring Site Servers
Example Root Site Server configuration
Type of Site Servers
- Root - The top level Site Server that reports to the FTK Central service, and can collect from on-network targets.
- Private - A child Site Server that reports to a parent Site Server, and can collect from on-network targets.
- Private (Protected) - A child Site Server that reports to a parent Site Server when only one-way communication is allowed, and can collect from on-network targets.
- Public - A child Site Server that reports to a parent Site Server, and can collect from off-network targets.
Note: See network requirements for each Site Server type here.
Field: Friendly Name
Description: A user-defined name to easily identify the Site Server
Field: Logging Level
Description: Level of message detail to record in site_server.log.
Default Value: ERROR
Field: Agent Port
Description: Port used by on-network agents.
Default Value: 3999
Field: Catch All Delay(s)
Description: When a Site Server is looking for new jobs every x mins, this setting will delay that cycle by specified interval. This is useful when you mark a particular SS to catch all IPs and you want it to execute only if others have failed.
Default Value: 0
Secure Communications
Field: Private Certificate
Description: The private certificate used to communicate with the FTK Central service and other Site Servers.
Note: See certificate requirements here.
Field: Public Certificate
Description: The public certificate used to communicate with the FTK Central Service and other Site Servers.
Note: See certificate requirements here.
Field: Agent Certificate
Description: The private certificate used to communicate with Agents.
Note: See certificate requirements here.
Database
Field: System Password
Description: Password to the locally-installed PostgreSQL database where Site Server stores its settings and metadata.
Field: Database Port
Description: Port used by the locally-installed PostgreSQL database where Site Server stores its settings and metadata.
Default Value: 5432
IP Configuration
Field: Internal Addresses/FQDN
Description: Internal (on-network) IP or FQDN of a Public Site Server.
Field: External Addresses/FQDN
Description: External (internet-facing) IP or FQDN of a Public Site Server.
Field: Port
Description: Port used for communication between Site Servers, and for Agent heartbeat/check-in.
Default Value: 54545
Field: Heartbeat Port
Description: Additional Port used for Agent heartbeat/check-in.
Default Value: 54555
Field: Client Port
Description: Port used FTK Central to Root Site Server communication.
Default Value: 54321
Results
Field: Results Directory or UNC Path
Description: Path to store collected data in temporarily.
Field: Results Share Domain
Description: Domain to use if Results Directory is a UNC path.
Field: Results Share Username
Description: Username to use if Results Directory is a UNC path.
Field: Results Share Password
Description: Password to use if Results Directory is a UNC path.
Site Server System
Field: Parent Instance
Description: The parent of a Private or Public site server, in the format IP/FQDN:Port.
Field: Children Instances
Description: The children of a Root or Private site server, in a comma-delimited list in the format IP/FQDN:Port.
Field: Public Instances
Description: A list of all an environment's available Public Site Servers, in a comma-delimited list in the format IP/FQDN:Port.
Note: This is used to notify Public Agents of other available Public Site Servers that may be closer/faster.
Locality
Field: Managed Subnet Address(es)
Description: A comma-delimited list of CIDR ranges that includes all targets the given Site Server is allowed to collect from.
Configuration
Field: Max Client Connections
Description: The number of clients/applications that are allowed to connect to the Client Port.
Default Value: 10
Field: Max Incoming Threads
Description: The number of threads created for incoming connections by Site Servers and Agents over the Port.
Default Value: 50
Field: Max Outgoing Threads
Description: The number of threads created for outgoing connections to Site Servers and Agents over the Port.
Default Value: 50
Field: Max Event Threads
Description: The number of threads created for handling agent events that were previously added to the Site Server database.
Default Value: 50
Field: Replication Threads
Description: The number of threads created for replicating data between Site Servers.
Default Value: 5
Field: Retry Count
Description: The number of retries to make when replicating data.
Default Value: 5
Field: Retry Delay (ms)
Description: The time between retries.
Default Value: 100
Bandwidth Control
Field: In From SiteServer
Description: Max bandwidth allowed in from other Site Servers.
Default Value: Unlimited
Field: Out To SiteServer
Description: Max bandwidth allowed out to other Site Servers.
Default Value: Unlimited
Field: In From Agent
Description: Max bandwidth allowed in from Agents.
Default Value: Unlimited
Field: Out To Agent
Description: Max bandwidth allowed in from Agents.
Default Value: Unlimited