Privacera Platform master publication

Pkafka

This topic describes how to enable Pkafka for real-time audits in Privacera Discovery.

Prerequisites

Ensure the following prerequisites are met:

  • Create an Event Hub namespace with a region similar to the region of a Storage Account you want to monitor. For more information, refer to Microsoft's documentation Create an Event Hubs namespace.

  • Create an Event Hub in the Event Hub namespace. For more information, refer to Microsoft's documentation Create an event hub.

  • Create a consumer group in the Event Hub.

    In the Azure Portal, go to Event Hubs namespace > Event Hub > Consumer Groups > +Consumer Group. The Consumer Groups tab is under Entities on the Event Hub page.

  • Get the connection string of the Event Hubs namespace. For more information, refer to Microsoft's documentation Get connection string from the portal.

  • Create an Event Subscription for the Event Hubs namespace with the Event Type as Blob Created and Blob Deleted. For more information, refer to Microsoft's documentation Create an Event Grid subscription.

    Note

    When you create an event grid subscription, clear the checkbox Enable subject filtering.

CLI configuration
  1. SSH to the instance where Privacera is installed.

  2. Run the following commands.

    cd ~/privacera/privacera-manager
    cp config/sample-vars/vars.pkafka.azure.yml config/custom-vars/
    vi config/custom-vars/vars.pkafka.azure.yml
  3. Edit the following properties. For details on each property, refer to Configuration properties below.

    PKAFKA_EVENT_HUB: "<PLEASE_CHANGE>"
    PKAFKA_EVENT_HUB_NAMESPACE: "<PLEASE_CHANGE>"
    PKAFKA_EVENT_HUB_CONSUMER_GROUP: "<PLEASE_CHANGE>"
    PKAFKA_EVENT_HUB_CONNECTION_STRING: "<PLEASE_CHANGE>"
    DISCOVERY_REALTIME_ENABLE: "true"
  4. Run the following commands.

    cd ~/privacera/privacera-manager
    ./privacera-manager.sh update
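
A pre-flight check to run between steps 3 and 4, added here as an example (not Privacera's code): it flags leftover `<PLEASE_CHANGE>` placeholders, a connection string missing its fields, use of the namespace-wide RootManageSharedAccessKey policy, and a vars file accessible to group or others. The helper names check_pkafka_vars, yaml_value and report are hypothetical, and treating the root key as a finding assumes a narrower shared access policy is enough for Pkafka, which this page does not state.

```shell
#!/bin/sh
# Added example: pre-flight lint for config/custom-vars/vars.pkafka.azure.yml.
# check_pkafka_vars, yaml_value and report are hypothetical helper names.

# Print the value of a top-level `KEY: "value"` line, quotes stripped.
yaml_value() {
    sed -n "s/^[[:space:]]*$1:[[:space:]]*//p" "$2" | head -n 1 |
        sed 's/^"//; s/"[[:space:]]*$//'
}

report() { echo "$1"; findings=$((findings + 1)); }

# Prints one finding per line; returns 0 only when there are none.
check_pkafka_vars() {
    file=$1
    findings=0
    for key in PKAFKA_EVENT_HUB PKAFKA_EVENT_HUB_NAMESPACE \
               PKAFKA_EVENT_HUB_CONSUMER_GROUP PKAFKA_EVENT_HUB_CONNECTION_STRING; do
        case $(yaml_value "$key" "$file") in
            '' | *'<PLEASE_CHANGE>'*) report "UNSET $key" ;;
        esac
    done
    conn=$(yaml_value PKAFKA_EVENT_HUB_CONNECTION_STRING "$file")
    case $conn in
        '' | *'<PLEASE_CHANGE>'*) ;;   # already reported as UNSET
        *)
            for part in 'Endpoint=sb://' 'SharedAccessKeyName=' 'SharedAccessKey='; do
                case $conn in
                    *"$part"*) ;;
                    *) report "MALFORMED connection string lacks $part" ;;
                esac
            done ;;
    esac
    # RootManageSharedAccessKey is the namespace-wide policy (Manage, Send, Listen).
    case $conn in
        *'SharedAccessKeyName=RootManageSharedAccessKey'*)
            report "BROAD-KEY connection string uses RootManageSharedAccessKey" ;;
    esac
    # The file holds a shared access key: group/other permission bits should be empty.
    [ "$(ls -ld "$file" | cut -c5-10)" = "------" ] ||
        report "PERMS $file is accessible to group or others"
    [ "$findings" -eq 0 ]
}

# Usage: sh check_pkafka_vars.sh config/custom-vars/vars.pkafka.azure.yml
if [ "$#" -gt 0 ]; then check_pkafka_vars "$1"; fi
```
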
Configuration properties

Property: PKAFKA_EVENT_HUB
Description: Enter the Event Hub name. Get it from the Prerequisites section above.
Example: eventhub1

Property: PKAFKA_EVENT_HUB_NAMESPACE
Description: Enter the name of the Event Hub namespace. Get it from the Prerequisites section above.
Example: eventhubnamespace1

Property: PKAFKA_EVENT_HUB_CONSUMER_GROUP
Description: Enter the name of the Consumer Group. Get it from the Prerequisites section above.
Example: congroup1

Property: PKAFKA_EVENT_HUB_CONNECTION_STRING
Description: Enter the connection string. Get it from the Prerequisites section above.
Example: Endpoint=sb://eventhub1.servicebus.windows.net/;SharedAccessKeyName=RootManageSharedAccessKey;SharedAccessKey=sAmPLEP/8PytEsT=

Property: DISCOVERY_REALTIME_ENABLE
Description: Add this property to enable/disable real-time scan. By default, it is set to false.

    Note: This is a custom property, and has to be added separately to the YAML file.

    For real-time scan to work, ensure the following:

      • If you want to scan the default ADLS app registered by the system at the time of installation, keep its app properties unchanged in Privacera Portal.

      • If you want to scan a user-registered app, the app properties in Privacera Portal and its corresponding discovery.yml should be the same.

      • Only one app can be scanned at a time.

Example: true