Table of Contents
- Getting Started
- Agent-Based Management
- Data Providers
- Directory Services
- Auditing
- Hosts
- Templates
- Template Properties
- Batch Update Templates
- Assign Templates
- Log Management Templates
- File and Directory Monitor Templates
- Windows Monitor Templates
- Account Lockout Monitor Template
- Logon Monitor Template
- CPU Monitor Template
- Memory Monitor Template
- Disk Space Monitor Template
- SMART Monitor Template
- Process Monitor Template
- Service Monitor Template
- Performance Counter Monitor Template
- PowerShell Template
- Registry Value Monitor Template
- Active Directory User Monitor Template
- Active Directory User Integrity Monitor Template
- Task Scheduler Template
- Clock Synchronization Template
- Defragment NTFS Disks Template
- Windows Audit Policy Monitor Template
- Windows Logon As Monitor Template
- Windows Update Template
- Network and Application Monitor Templates
- Database Monitor Template
- Directory Service Monitor Template
- DNS Blacklist Monitor Template
- DNS Monitor Template
- Domain Expiration Monitor Template
- Network Speed Monitor Template
- Ping Monitor Template
- Database Table Reseed
- SQL Server Shrink and Backup Template
- SSH Shell
- TCP Port Scan Monitor Template
- Website Monitor Template
- SSL Certificate Monitor Templates
- Email Monitor Templates
- SNMP Monitor Templates
- Windows Accounts Templates
- Monitors
- Reports
- Auto-Configurators
- Filters
- Actions
- Schedules
- Environment Variables
- Options
- Account Lockout Monitoring and Reporting
- Merging Logs
- SNMP
- SSH Shell
- Syslog
- Exporting and Importing Configuration Objects
- Shared Views
- Active Directory User and Group Filters
- Assign Actions
- Assign Azure Audit Logs
- Assign Consolidated Logs
- Assign Directories
- Assign Disks
- Assign Event Logs
- Assign Files
- Assign Services
- Assign Shares
- Auto-Config Host Assignment Properties
- Define CSV and W3C Log Entry Columns
- Define Log Entry Columns
- Define Log Entry Columns with Regular Expressions
- Executable Status
- Executable Timeline
- Explicitly Assigned Logs
- File Explorer
- General Executable Properties
- Report Columns
- Report Date/Time Ranges
- Report Security Event Log Filters
- Select Folder or File
- Target Files and Sub-Directories
- Command Line Interface
- Troubleshooting
- Terminology
Corner Bowl Server Manager
SIEM, IPS, Server Monitoring, Uptime Monitoring and Compliance Software
Server Configuration
By default, the server runs unencrypted on port 21843. You can configure to server to run on TLS 1.2 and on the port of your choosing.
The configuration is implemented through the tcpserver.json file located in the programdata directory.
On Windows, the default location is:
C:\ProgramData\Corner Bowl\Server Manager\tcpserver.json
On Linux, the default location is:
/usr/share/corner-bowl/server-manager/tcpserver.json
In this Topic
How to Configure Encrypted Communications on Windows Installations
- From the Windows Server that the Corner Bowl Server Manager Service is installed, use the Windows Certificate Manager to install a SSL certificate.
- Once you have a valid SSL certificate installed, open a command prompt as Administrator.
- Type:
Notepad.exe - From Notepad, select File | Open.
- Select:
C:\ProgramData\Corner Bowl\Server Manager\tcpserver.json - Find TlsConfiguration | Enabled then set the value to true.
- Find TlsConfiguration | Certificate then set the value to one of the following values found in the Windows Certificate Manager:
| Attribute | Sample Value | Search Order |
|---|---|---|
| Thumbprint | 1E2CCCC2461DFD3FD925CDA17E5DCAD17B95D94B | 1 |
| Serial Number | 5C588F17F5225B9C4CE09E9D42E0DB94 | 3 |
| Subject Distinguished Name | CN=LocalhostName,OU=IT,O=\"Corner Bowl Software\",L=Kamas,S=Utah,C=US | 2 |
| Subject Name | LocalhostName | 4 |
- Save your changes.
- From the Windows Service Control Manager, restart the Corner Bowl Server Manager service.
Important
If you have configured the Management Console to save your password, the first time you login after either enabling or disabling TLS 1.2 you must wait for the connection to timeout.
How to Configure Encrypted Communications on Linux Installations
- Install a SSL Certificate into the .Net Certificate Store. For more information see: Linux Server Installation
- Once installed, add the certificate to your .Net Certificate Store using the Server Manager Command-Line Interface, for example:
cd /usr/bin/corner-bowl/server-manager /usr/bin/dotnet cbsmcli.dll -ic -f /etc/pki/CA/private/servercert.pfx
- Using a text editor, open the /usr/share/corner-bowl/server-manager/tcpserver.json file.
- Find TlsConfiguration | Enabled then set the value to true.
- Find TlsConfiguration | Certificate then set the value to one of the following values found in the Windows Certificate Manager:
| Attribute | Sample Value | Search Order |
|---|---|---|
| Distinguished Name | LocalhostName | 1 |
- Save your changes.
- From a command-prompt, restart the Daemon, for example:
sudo systemctl stop cbsmsrv sudo systemctl start cbsmsrv
How to Connect from the Management Console
- Launch the Corner Bowl Management Console.
- Configure the options accordingly, then click Login.
Important
If you have configured the Management Console to save your password, the first time you login after either enabling or disabling TLS 1.2 you must wait for the connection to first timeout before you have the opportunity to apply your updates.
Configuration File Reference (tcpserver.json)
| Attribute | Description | Range of Values | Default Value |
|---|---|---|---|
| Host | The hostname the Corner Bowl Server Manager Service is running. | Any network routable hostname or IP address. Values must be wrapped with quotes. | "0.0.0.0" |
| Port | The port the Corner Bowl Server Manager Service is running. | 1 - 65344 | 21843 |
| IdleTimeout | A Int32 that specifies the maximum number of seconds allowed to pass between command packets. Once exceeded, the remote connection is closed. | 1 - 65344 | 300 |
| ReceiveTimeout | An Int32 that specifies the amount of time, in seconds, that will elapse before a read operation fails. | 1 - 65344 | 120 |
| SendTimeout | An Int32 that specifies the amount of time, in seconds, that will elapse before a read operation fails. | 1 - 65344 | 120 |
| TlsConfiguration | Encapsulates the SSL/TLS 1.2 configuration properties. | ||
| Enabled | A Boolean that specifies whether SSL/TLS 1.2 is enabled. | true or false | false |
| Certificate | A string that specifies the name of the X509Certificate used to authenticate. | On Windows, the Thumbprint is suggested, however, you can also specify the Serial Number, Subject Distinguished Name or Subject Name. On Linux, the value must be the network routable hostname. If specified, the value must be wrapped in quotes otherwise specify null without quotes. | null |
| AllowSelfSignedCertificate | A Boolean value that specifies whether self-signed certificates are supported. | true or false | true |
| CheckCertificateRevocation | A Boolean value that specifies whether the certificate revocation list is checked during authentication. | true or false | false |
| AllowCertificateChainErrors | A Boolean value that specifies whether the certificate chain is checked during authentication. | true or false | true |
Sample File Contents (tcpserver.json)
{
"Host": "0.0.0.0",
"Port": 21843,
"IdleTimeout": 300,
"ReceiveTimeout": 120,
"SendTimeout": 120,
"TlsConfiguration":
{
"Enabled": false,
"Certificate": null,
"RequireRemoteCertificate": false,
"AllowSelfSignedCertificate": false,
"CheckCertificateRevocation": false,
"AllowCertificateChainErrors": false
},
}Troubleshooting
If you are unable to connect to the service using TLS 1.2, you can view the services verbose output log for detailed information. The log file is located in the following path:
On Windows the location is:
C:\ProgramData\Corner Bowl\Server Manager\server.log
On Linux the location is:
/var/log/corner-bowl/server.log