Lockbox Configuration Parameters

Document created by RSA Information Design and Development Employee on Nov 22, 2016Last modified by RSA Information Design and Development Employee on May 4, 2017
Version 10Show Document
  • View in full screen mode

This topic describes the Lockbox Security Settings.

A lockbox is an encrypted file that you use to store confidential information about an application. The Security Analytics Lockbox stores an encryption key for the Log Collector.

The encryption key encrypts all event source passwords and the event broker password, but the actual event source passwords are not stored in the Lockbox.

When you create the Lockbox, you need to:

  1. Define a password for the Lockbox.
  2. Set a host system fingerprint based on stable system values.

The Log Collector operates the Lockbox in a mode during data collection that does not require you to specify the password (the Log Collector uses the host system fingerprint instead). You do need to use the Lockbox password to:

  • Change the Lockbox password.
  • Reset stable system values.
  • Generate a new encryption key.

To access the Lockbox Configuration Parameters:

  1. In the Security Analytics menu, select Administration >Services.
  2. In the Services grid, select a Log Collector service.
  3. Click Actions menu croppedunder Actions and select View > Config.
  4. Click the Settings tab.
  5. In the options panel, select Lockbox to maintain Lockbox settings.



The Lockbox view in the Settings tab has three sections: Lockbox Security Settings, Reset Stable System Value, and Generate New Encryption Key.

Lockbox Security Settings

Before you configure event sources for the Log Collector, you need to set up a lockbox. General guidelines for lockbox setup are:

  • You only need to set a lockbox password once.
  • Set the password before you configure event sources.
  • After you set the password, the lockbox is set up for any event source that you add.

These are the lockbox security settings.

Old Lockbox PasswordWhen you set up a Lockbox for the first time, this field is blank.  Security Analytics populates this field after you enter a New Lockbox Password and click Apply.
New Lockbox PasswordInitial or new lockbox password.

Note:  To maximize lockbox security, specify a password that is eight or more characters in length with at least one numeric character, uppercase character, and non-alphanumeric character such as # or !

ApplyClick Apply to save the changes to the lockbox password.

Reset Stable System Value

These are the Reset Stable System Value settings.

Lockbox PasswordWhen you set up a Lockbox for the first time, this field is blank. Specify the same Lockbox password that you entered under Lockbox Security Settings. Typically, you only need to reset this password if you change the host hardware.
ApplyClick Apply to set the system fingerprint in the lockbox.

Generate New Encryption Key

This option generates a new internal encryption key and re-encrypts the Log Collector encrypted configuration parameter values (usually passwords). Clicking Apply activates the option.

You are here
Table of Contents > Log Collection Configuration Guide > Reference - Configuration Parameters Interface > Log Collection Parameters > Log Collection Settings Tab > Lockbox Configuration Parameters