4.5. Setup profile

The default password for the setup account is: default

Note

The password must be changed the first time you log in. The new password should be kept in a safe place, for example, with the GCap encryption keys.

In addition to the common functions of gviewadm, the setup account has the following supplementary functions:

  • access the commands of the show set to display:

    • information about the available capture interfaces (show interfaces)

    • the aggregations of capture and monitoring interfaces mon and their configurations (show clusters)

    • the compatibility mode used to interact with the GCenter (show compatibility-mode)

    • the date and time of the GCap (show datetime)

    • the password policy for the accounts (show password-policy)

    • the policy of the protection system against brute force attacks (show bruteforce-protection)

    • the inactivity time before logging out of a user session (show session-timeout)

    • the IP address of the GCenter with which the GCap is paired (show gcenter-ip)

    • the advanced options of the detection engine configuration (show monitoring-engine)

    • the GCap information requested by technical support (show tech-support)

  • access the advanced commands of the show advanced-configuration set to display:

    • the number of CPUs dedicated to the Sigflow detection engine (show advanced-configuration cpu-config)

    • the static filtering rules of the flow (show advanced-configuration packet-filtering)

    • the high availability configuration (show advanced-configuration high-availability)

    • the MTU value of the enabled capture interfaces (show advanced-configuration mtu)

    • the load balancing configuration from the monx capture interfaces to the CPUs (show advanced-configuration load-balancing)

    • the local Sigflow rules according to the configured tenant (show advanced-configuration local-rules)

    • the replacement name of the interfaces (show advanced-configuration interface-names)

  • access the commands of the set set to:

    • manage the protection system against brute force attacks (set bruteforce-protection)

    • configure the aggregation on the GCap capture interfaces (set clusters)

    • change the compatibility mode used to interact with the GCenter (set compatibility-mode)

    • adjust the date and time (set datetime)

    • specify the IP address of the GCenter to which the GCap will be paired (set gcenter-ip)

    • administer network capture interfaces (set interfaces)

    • change the keyboard configuration (set keymap)

    • apply advanced configuration for the GCap sensor detection engine (set monitoring-engine)

    • change the network configuration (set network-config)

    • set the password policy for accounts (set password-policy)

    • configure inactivity time before logging out (set session-timeout)

  • access the advanced commands of the set advanced-configuration set to:

    • modify the number of CPUs dedicated to the Sigflow detection engine (set advanced-configuration cpu-config)

    • modify the high availability configuration (set advanced-configuration high-availability)

    • define an advanced load balancing configuration of the captured flows (set advanced-configuration load-balancing)

    • modify the local Sigflow rules according to the configured tenant (set advanced-configuration local-rules)

    • modify the MTU value of enabled capture interfaces (set advanced-configuration mtu)

    • specify the static filtering rules for the flow (set advanced-configuration packet-filtering)

    • detect/name the GCap interfaces (set advanced-configuration rescan-interfaces)

  • access the commands of the system set to manage the server:

    • restart the GCap (system restart)

    • shut down the GCap (system shutdown)

    • stop a service (system reload-drivers)

    • reload network card drivers (services show)

    • reset gview, gviewadm and setup account lockout after unsuccessful authentication attempts (system unlock)

This account represents an administrator profile, a member of the detection service with privileged rights enabling them to ensure the correct operation of the detection service devices.