Skip to content

Pkafka

This topic allows you to enable Pkafka for real-time audits in Privacera Discovery.

Prerequisites

Ensure the following prerequisites are met:

  • Create an Event Hub namespace with a region similar to the region of a Storage Account you want to monitor. For more information, refer to Microsoft's documentation Create an Event Hubs namespace.

  • Create Event Hub in the Event Hub namespace. For more information, refer to Microsoft's documentation Create an event hub.

  • Create a consumer group in the Event Hub.

    Azure Portal > Event Hubs namespace > Event Hub > Consumer Groups > +Consumer Group. The Consumer Groups tab will be under Entities of the Event Hub page.

  • Get the connection string of the Event Hubs namespace. For more information, refer to Microsoft's documentation Get connection string from the portal.

  • Create an Event Subscription for the Event Hubs namespace with the Event Type as Blob Created and Blob Deleted. For more information, refer to Microsoft's documentation Create an Event Grid subscription.

    Note

    When you create an event grid subscription, clear the checkbox Enable subject filtering.

CLI Configuration

  1. SSH to the instance where Privacera is installed.

  2. Run the following commands.

    cd ~/privacera/privacera-manager
cp config/sample-vars/vars.pkafka.azure.yml config/custom-vars/
vi config/custom-vars/vars.pkafka.azure.yml

  3. Edit the following properties. For property details and description, refer to the Configuration Properties below.

    PKAFKA_EVENT_HUB: "<PLEASE_CHANGE>"
PKAFKA_EVENT_HUB_NAMESPACE: "<PLEASE_CHANGE>"
PKAFKA_EVENT_HUB_CONSUMER_GROUP: "<PLEASE_CHANGE>"
PKAFKA_EVENT_HUB_CONNECTION_STRING: "<PLEASE_CHANGE>"
DISCOVERY_REALTIME_ENABLE: "true"

  4. Run the following commands.

    cd ~/privacera/privacera-manager
./privacera-manager.sh update

Configuration Properties

Property Description Example
PKAFKA_EVENT_HUB Enter the Event Hub name. Get it from the Prerequisites section above. eventhub1
PKAFKA_EVENT_HUB_NAMESPACE Enter the name of the Event Hub namespace. Get it from the Prerequisites section above. eventhubnamespace1
PKAFKA_EVENT_HUB_CONSUMER_GROUP Enter the name of the Consumer Group. Get it from the Prerequisites section above. congroup1
PKAFKA_EVENT_HUB_CONNECTION_STRING Enter the connection string. Get it from the Prerequisites section above. Endpoint=sb://eventhub1.servicebus.windows.net/;
SharedAccessKeyName=RootManageSharedAccessKey;
SharedAccessKey=sAmPLEP/8PytEsT=
DISCOVERY_REALTIME_ENABLE

Add this property to enable/disable real-time scan. By default, it is set to false.

Note: This is a custom property, and has to be added separately to the YAML file. 

For real-time scan to work, ensure the following:
  • If you want to scan the default ADLS app registered by the system at the time of installation, keep its app properties unchanged in Privacera Portal.
  • If you want to scan a user-registered app, the app properties in Privacera Portal and its corresponding discovery.yml should be the same.
  • At a time, only one app can be scanned. 
 true