DetectionLab/Vagrant/resources/microsoft_ata/microsoft-ata-config.json


			
				
					
						
						
						
							
							
							{"Configuration":{"AbnormalBehaviorDetectorConfiguration":{"BuildModelsConfiguration":{"Interval":"1.00:00:00","IsEnabled":true},"MinActiveAccountCount":50,"ExcludedSourceAccountIds":[],"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"AbnormalKerberosDetectorConfiguration":{"ExcludedSourceComputerIds":[],"ExcludedSubnets":[],"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"AbnormalSensitiveGroupMembershipChangeDetectorConfiguration":{"LearningPeriod":"70.00:00:00","ExcludedSourceAccountIds":[],"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"AbnormalSmbDetectorConfiguration":{"ExcludedSourceComputerIds":[],"ExcludedSubnets":[],"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"AbnormalVpnDetectorConfiguration":{"ProfileCommonGeolocationsAndCarriersAsyncConfiguration":{"Interval":"1.00:00:00","IsEnabled":true},"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"AccountEnumerationDetectorConfiguration":{"ExcludedSourceComputerIds":[],"ExcludedSubnets":[],"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"ActivityProcessorConfiguration":{"ActivityBlockConfiguration":{"MaxDegreeOfParallelism":50,"MaxSize":50000},"ActivityPostponeBlockConfiguration":{"ActionConfiguration":{"Interval":"00:00:00.0500000","IsEnabled":true},"MaxSize":10000000,"Timeout":"00:02:00"},"PostponedActivityBlockConfiguration":{"MaxDegreeOfParallelism":100,"MaxSize":100000}},"ActivitySimulatorConfiguration":{"DatabaseServerEndpoint":{"Address":"localhost","Port":27017},"DelayInterval":"00:00:15","SimulationState":"Disabled"},"AppDomainManagerConfiguration":{"GcCollectConfiguration":{"Interval":"00:30:00","IsEnabled":true},"UpdateExceptionStatisticsConfiguration":{"Interval":"00:01:00","IsEnabled":true}},"BruteForceDetectorConfiguration":{"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"CenterTelemetryManagerConfiguration":{"IsEnabled":false,"ServiceUrl":"https://dc.applicationinsights.microsoft.com/v2/track","ClientInstrumentationKey":"fd3f5bd1-3d71-44a3-9209-d94633544903","ClientBufferMaxSize":450,"ClientSendInterval":"00:10:00","UnsentTelemetrySampleInterval":"01:00:00","UnsentTelemetryRetentionPeriod":"7.00:00:00","SendSystemTelemetryConfiguration":{"Interval":"1.00:00:00","IsEnabled":false},"SendPerformanceCounterTelemetryConfiguration":{"Interval":"00:10:00","IsEnabled":false},"SendAlertTelemetryConfiguration":{"Interval":"1.00:00:00","IsEnabled":false},"SendExceptionStatisticsTelemetryConfiguration":{"Interval":"1.00:00:00","IsEnabled":false},"SendUnsentTelemetriesConfiguration":{"Interval":"00:10:00","IsEnabled":false},"UnsentTelemetryBatchSize":20},"CenterWebApplicationConfiguration":{"ServiceListeningIpEndpoint":{"Address":"0.0.0.0","Port":443},"CommunicationCookieExpiration":"00:20:00"},"CenterWebClientConfiguration":{"RetryDelay":"00:00:01","ServiceEndpoints":[{"Address":"wef.windomain.local","Port":443}],"ServiceCertificateThumbprints":["{{THUMBPRINT}}"]},"ConfigurationManagerConfiguration":{"UpdateConfigurationConfiguration":{"Interval":"00:00:15","IsEnabled":true}},"DatabaseConfiguration":{"ServerEndpoint":{"Address":"localhost","Port":27017},"ClientConnectTimeout":"00:00:30","ClientServerSelectionTimeout":"00:00:30","ConnectionPoolMaxSize":100,"WaitQueueSize":1000,"BackupSystemProfileMaxCount":300,"CappedCollectionBlockConfiguration":{"BatchMaxSize":100,"MaxDegreeOfParallelism":8,"MaxSize":50000},"CappedCollectionHighEntityMaxCount":50000000,"CappedCollectionLowEntityMaxCount":1000000,"CappedCollectionUpdateCurrentCollectionEntityCountConfiguration":{"Interval":"00:01:00","IsEnabled":true},"DataDriveFreeSpaceCriticalPercentage":0.05,"DataDriveFreeSpaceCriticalSize":"50 GB","DataDriveFreeSpaceLowPercentage":0.2,"DataDriveFreeSpaceLowSize":"200 GB","WorkingSetPercentage":0.25,"LogFileMaxSize":"50 MB","LogFileMaxCount":10,"BackupSystemProfileConfiguration":{"Interval":"04:00:00","IsEnabled":true},"DeleteOldCappedCollectionsConfiguration":{"Interval":"00:01:00","IsEnabled":true},"DeleteOldIpAddressProfilesConfiguration":{"Interval":"1.00:00:00","IsEnabled":true},"MonitorDatabaseConfiguration":{"Interval":"00:01:00","IsEnabled":true}},"DetectionConfiguration":{"AlertConfiguration":{"IsMailEnabled":false,"IsSyslogEnabled":true,"To":[]},"NotificationVerbosity":"Low"},"DirectoryServicesReplicationDetectorConfiguration":{"ExcludedSourceComputerIds":[],"ExcludedSubnets":[],"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"DnsReconnaissanceDetectorConfiguration":{"ExcludedSourceComputerIds":[],"ExcludedSubnets":[],"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"EncryptedTimestampEncryptionDowngradeDetectorConfiguration":{"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"EntityProfilerConfiguration":{"UpdateDetectionProfileConfiguration":{"Interval":"00:05:00","IsEnabled":true},"UpdateDirectoryServicesTrafficSystemProfileConfiguration":{"Interval":"00:05:00","IsEnabled":true},"EventActivityBlockConfiguration":{"MaxDegreeOfParallelism":50,"MaxSize":100000},"LogicalActivityBlockConfiguration":{"MaxDegreeOfParallelism":50,"MaxSize":100000},"NetworkActivityBlockConfiguration":{"MaxDegreeOfParallelism":50,"MaxSize":100000}},"EntityReceiverConfiguration":{"ActivitiesDroppingEnabled":false,"EntityBatchBlockConfiguration":{"MaxSize":10000},"EntityBatchBlockSizeAccumulationQueueConfiguration":{"MaxSize":10,"Interval":"00:01:00"},"GatewayInactivityTimeout":"00:15:00","GetNatIpAddressesInternalConfiguration":{"Interval":"00:15:00","IsEnabled":true}},"EnumerateSessionsDetectorConfiguration":{"ExcludedSourceComputerIds":[],"ExcludedSubnets":[],"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"ExternalIpAddressResolverConfiguration":{"CacheConfiguration":{"ShardCount":1,"MultiLruDictionaryConfiguration":{"MaxSize":10000,"Policy":"SingleValue","Timeout":"01:00:00"},"BackgroundRemoveOldConfiguration":{"Interval":"00:01:00","IsEnabled":true}},"FailedResolutionsAccumulationQueueConfiguration":{"MaxSize":10,"Interval":"00:01:00"}},"ForgedPacDetectorConfiguration":{"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"GoldenTicketDetectorConfiguration":{"KerberosTicketLifetime":null,"ExcludedSourceAccountIds":[],"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"HoneytokenActivityDetectorConfiguration":{"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"HttpClientConfiguration":{"BufferMaxSize":"128 MB","Timeout":"00:10:00"},"IntelligenceProxyConfiguration":{"ConnectionLimit":50,"WebClientConfiguration":{"RetryDelay":"00:00:01","ServiceEndpoints":[{"Address":"ti.ata.azure.com","Port":443}],"ServiceCertificateThumbprints":[]}},"LdapBruteForceDetectorConfiguration":{"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"LdapCleartextPasswordDetectorConfiguration":{"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"LoadSimulatorRecorderConfiguration":{"IsEnabled":false,"UniqueEntityBatchBlockConfiguration":{"MaxSize":1000},"EntityBatchBlockConfiguration":{"MaxSize":1000},"FileSegmentSize":"5 MB"},"LocalizerConfiguration":{"LocaleId":"en-us"},"LogicalActivityTranslatorConfiguration":{"LogicalActivityCacheConfiguration":{"ShardCount":100,"MultiLruDictionaryConfiguration":{"MaxSize":100000,"Policy":"SingleValue","Timeout":"00:01:00"},"BackgroundRemoveOldConfiguration":{"Interval":"00:01:00","IsEnabled":true}},"EventActivityBlockConfiguration":{"MaxDegreeOfParallelism":50,"MaxSize":100000},"NetworkActivityBlockConfiguration":{"MaxDegreeOfParallelism":50,"MaxSize":100000},"UniqueEntityBlockConfiguration":{"MaxDegreeOfParallelism":50,"MaxSize":100000}},"MailClientConfiguration":{"IsEnabled":false,"From":null,"ServerEndpoint":null,"ServerSslEnabled":false,"ServerSslAcceptAnyServerCertificate":false,"AuthenticationEnabled":false,"AuthenticationAccountName":null,"AuthenticationAccountPasswordEncrypted":null},"MaliciousServiceCreationDetectorConfiguration":{"ExcludedSourceComputerIds":[],"ExcludedSubnets":[],"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"MassiveObjectDeletionDetectorConfiguration":{"DetectMassiveObjectDeletionConfiguration":{"Interval":"00:15:00","IsEnabled":true},"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"MemoryStreamPoolConfiguration":{"BlockSize":"128 KB","LargeBlockMultipleSize":"1 MB","BufferMaxSize":"128 MB"},"MonitoringClientConfiguration":{"AlertConfiguration":{"IsMailEnabled":false,"IsSyslogEnabled":true,"To":[]},"MonitoringAlertTypeNameToIsEnabledMapping":{"CenterDatabaseDataDriveFreeSpaceMonitoringAlert":true,"CenterDatabaseDisconnectedMonitoringAlert":true,"CenterExternalIpAddressResolutionFailureMonitoringAlert":true,"CenterMailMonitoringAlert":true,"CenterNotReceivingTrafficMonitoringAlert":true,"CenterOverloadedMonitoringAlert":true,"CenterSyslogMonitoringAlert":true,"CertificateExpiryMonitoringAlert":true,"GatewayCaptureNetworkAdapterFaultedMonitoringAlert":true,"GatewayCaptureNetworkAdapterMissingMonitoringAlert":true,"GatewayDirectoryServicesClientAccountPasswordExpiryMonitoringAlert":true,"GatewayDirectoryServicesClientConnectivityMonitoringAlert":true,"GatewayDisconnectedMonitoringAlert":true,"GatewayDomainSynchronizerNotAssignedMonitoringAlert":true,"GatewayLowMemoryMonitoringAlert":true,"GatewayOverloadedEventActivitiesMonitoringAlert":true,"GatewayOverloadedNetworkActivitiesMonitoringAlert":true,"GatewayRadiusEventListenerMonitoringAlert":true,"GatewaysOutdatedMonitoringAlert":true,"GatewayStartFailureMonitoringAlert":true,"GatewaySyslogEventListenerMonitoringAlert":true},"RenotificationInterval":"7.00:00:00"},"MonitoringEngineConfiguration":{"CenterNotReceivingTrafficTimeout":"01:00:00","GatewayInactivityTimeout":"00:05:00","GatewayStartFailureTimeout":"00:30:00","MonitoringAlertExpiration":"30.00:00:00","DeleteOldMonitoringAlertsConfiguration":{"Interval":"01:00:00","IsEnabled":true},"MonitoringCycleConfiguration":{"Interval":"00:01:00","IsEnabled":true}},"NetworkActivityProcessorConfiguration":{"ParentKerberosResponseTicketHashKeyToParentKerberosDataMappingConfiguration":{"ShardCount":100,"MultiLruDictionaryConfiguration":{"MaxSize":400000,"Policy":"SingleValue","Timeout":"10:00:00"},"BackgroundRemoveOldConfiguration":{"Interval":"00:01:00","IsEnabled":true}},"SaveParentKerberosBloomFiltersConfiguration":{"Interval":"00:15:00","IsEnabled":true},"SessionKeyToOperationsMappingConfiguration":{"ShardCount":100,"MultiLruDictionaryConfiguration":{"MaxSize":40000,"Policy":"MultiValue","Timeout":"00:03:00"},"BackgroundRemoveOldConfiguration":{"Interval":"00:01:00","IsEnabled":true}}},"NotificationEngineConfiguration":{"DeleteExpiredNotificationsConfiguration":{"Interval":"00:10:00","IsEnabled":true},"NotificationCycleConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"PassTheHashDetectorConfiguration":{"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"PassTheTicketDetectorConfiguration":{"HandleInvisibleSuspiciousActivitiesConfiguration":{"Interval":"00:15:00","IsEnabled":true},"ValidateInvisibleSuspiciousActivitiesTimeout":"02:00:00","ExcludedSourceComputerIds":[],"ExcludedSubnets":[],"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"PrivilegeEscalationPathsDetectorConfiguration":{"MaxPrivilegeEscalationPathCount":20,"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"RemoteExecutionDetectorConfiguration":{"ExcludedSourceComputerIds":[],"ExcludedSubnets":[],"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"ReporterConfiguration":{"ReportTypeToConfigurationMapping":{},"SendPeriodicReportsConfiguration":{"Interval":"00:01:00","IsEnabled":true}},"RetrieveDataProtectionBackupKeyDetectorConfiguration":{"ExcludedSourceComputerIds":[],"ExcludedSubnets":[],"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"SamrReconnaissanceDetectorConfiguration":{"HandleInvisibleSuspiciousActivitiesConfiguration":{"Interval":"00:10:00","IsEnabled":true},"ExcludedSourceComputerIds":[],"ExcludedSubnets":[],"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"SecretManagerConfiguration":{"CertificateThumbprint":"{{THUMBPRINT}}"},"ServiceSystemProfileConfiguration":{"Id":"5aed5ee92bd5d60dd07c9586"},"SoftwareUpdaterConfiguration":{"IsEnabled":true,"IsGatewayAutomaticSoftwareUpdateEnabled":true,"IsLightweightGatewayAutomaticRestartEnabled":true,"MicrosoftUpdateCategoryId":"6ac905a5-286b-43eb-97e2-e23b3848c87d","CheckSoftwareUpdatesConfiguration":{"Interval":"01:00:00","IsEnabled":true}},"SourceAccountSupportedEncryptionTypesEncryptionDowngradeDetectorConfiguration":{"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"SourceComputerSupportedEncryptionTypesEncryptionDowngradeDetectorConfiguration":{"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"SyncManagerConfiguration":{"UpdateClientsConfiguration":{"Interval":"00:00:10","IsEnabled":true}},"SyslogClientConfiguration":{"IsEnabled":false,"ServerEndpoint":null,"ServerTransport":"Udp","ServerTransportTimeout":"00:00:10","Serializer":"Rfc5424"},"TgtEncryptionDowngradeDetectorConfiguration":{"BlockConfiguration":{"BatchMaxSize":10000,"MaxDegreeOfParallelism":1,"MaxSize":10000},"IsEnabled":true,"UpsertProfileConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"UniqueEntityCacheConfiguration":{"CacheConfiguration":{"ShardCount":100,"MultiLruDictionaryConfiguration":{"MaxSize":10000,"Policy":"SingleValue","Timeout":"06:00:00"},"BackgroundRemoveOldConfiguration":{"Interval":"00:01:00","IsEnabled":true}}},"UniqueEntityProcessorConfiguration":{"HoneytokenAccountIds":[],"SensitiveAccountIds":[],"SensitiveGroupIds":[],"UniqueEntityBlockParallelismDegree":100,"GetHighFunctionalityDomainControlerIdsConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"UniqueEntityProfileCacheConfiguration":{"CacheConfiguration":{"ShardCount":100,"MultiLruDictionaryConfiguration":{"MaxSize":10000,"Policy":"SingleValue","Timeout":"06:00:00"},"BackgroundRemoveOldConfiguration":{"Interval":"00:01:00","IsEnabled":true}},"UniqueEntityProfileBlockConfiguration":{"MaxDegreeOfParallelism":50,"MaxSize":50},"StoreUniqueEntityProfilesConfiguration":{"Interval":"00:10:00","IsEnabled":true}},"UserAccountClusterDetectorConfiguration":{"ClusterUserAccountsConfiguration":{"Interval":"01:00:00","IsEnabled":true}},"WindowsEventLogClientConfiguration":{"IsEnabled":true}},"GatewayCommonConfiguration":{"DirectoryServicesClientAccountDomainName":"windomain.local","DirectoryServicesClientAccountName":"vagrant","DirectoryServicesClientAccountPasswordEncrypted":{"Password":"vagrant"},"IsRadiusEventListenerEnabled":false,"IsSyslogEventListenerEnabled":false,"IsWindowsEventLogReaderEnabled":true,"RadiusEventListenerSharedSecretEncrypted":null},"SoftwareUpdates":[],"NetbiosName":"WEF","Version":"1.9.7312.32791","VersionUpdateTime":"2018-05-05T07:36:09.1352934Z","Id":"5aed5ee92bd5d60dd07c9586","UpdateTime":"2018-05-05T07:36:17.9090344Z","Type":"CenterSystemProfile"}
						
						
					
				
				
					
						Reference in New Issue
					
					View Git Blame
					Copy Permalink