Help Document

Introduction

Getting started

Pre-logging setup

Logging setup

Product features

Admin settings

Product settings

Related Products
ADManager Plus

Active Directory Management & Reporting
Download | Demo
ADAudit Plus

Real-time Active Directory Auditing and UBA
Download | Demo
ADSelfService Plus

Self-Service Password Management
Download | Demo
EventLog Analyzer

Real-time Log Analysis & Reporting
Download | Demo
Exchange Reporter Plus

Exchange Server Auditing & Reporting
Download | Demo
AD360

Integrated Identity & Access Management
Download | Demo
Log360

Comprehensive SIEM and UEBA
Download | Demo

Setting up Elasticsearch

By default, Cloud Security Plus uses self-signed certificates for Elasticsearch security (authentication and encryption). If you want to use your own certificates for ES security, follow the below steps:

First, make sure you have a client certificate, a node certificate, and a root certificate. Also ensure that all three are in PEM format.
Rename the certificates and their corresponding keys as follows:

Client certificate to client.pem and its key to client.key
Node certificate to localnode.pem and its key to localnode.key
Root certificate to root_ca.pem and its key to root_ca.key

Now, go to /ES/config and open the dae.properties file.
Change the value of the parameter use_custom_certificates to true.
In /ES/config , check if the following files exist. If they do exist, delete them.

client.key
client.pem
localnode.key
localnode.pem
root_ca.key
root_ca.pem

Then, copy your certificates to <CloudSecurityPlus_Home>/ES/config .
Now, go to <CloudSecurityPlus_Home>/ES/bin and run the verifyCertificates.bat file.
If you receive a message saying 'Certificate Validation Done', start the server. If you do not get the message, contact support at support@cloudsecurityplus.com.

© 2023 Zoho Corporation Pvt. Ltd. All rights reserved.