Setting up a network listener to receive messages from a remote server
Network listeners are servers that allow incoming connections to BMC Defender Server. Each listener opens a network server port to accept incoming connections from remote clients. One listener can accept up to 10 incoming connections from remote clients on the same port.
You can configure listeners to receive messages that use TCP or UDP. You do not need to configure a separate listener for UDP port 514 because the system listens for UDP port 514 messages by default.
Before you begin
- Configure the firewall to enable incoming connections for the port numbers associated with the listeners.
- Ensure that TCP messages use octet-counting framing for network listeners. That is, TCP messages must begin with the ASCII representation of the number of bytes in the message. (UDP messages do not start with an octet count because the product receives each message separately.)
- If you are using Transport Layer Security (TLS) connections, prepare a Secure Sockets Layer (SSL) certificate file. To use the built-in utility to generate the certificate, see Creating and installing a self-signed SSL certificate.
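The octet-counting requirement in the list above can be checked against a sender's output before it is pointed at a listener. The following is an added example, not code from the product or its documentation; it assumes the RFC 6587 layout (ASCII length, one space, message), and `MAX_MSG_LEN`, `frame` and `OctetCountingDecoder` are hypothetical names.

```python
# Added example. Assumption: the OCTET option follows RFC 6587 octet
# counting ("<length> <message>"); the page states only the ASCII prefix.
MAX_MSG_LEN = 65536  # constructed sanity cap, not a product limit


class FramingError(ValueError):
    """The byte stream is not valid octet-counted framing."""


def frame(message: str) -> bytes:
    """Prefix a message with its length in bytes (not characters)."""
    payload = message.encode("utf-8")
    return str(len(payload)).encode("ascii") + b" " + payload


class OctetCountingDecoder:
    """Split a TCP byte stream into messages, whatever the segment sizes."""

    def __init__(self, max_len: int = MAX_MSG_LEN):
        self.buf = bytearray()
        self.max_len = max_len

    def feed(self, chunk: bytes) -> list:
        """Buffer received bytes and return every message now complete."""
        self.buf += chunk
        messages = []
        while self.buf:
            sep = self.buf.find(b" ")
            digits = self.buf if sep < 0 else self.buf[:sep]
            # A prefix that is not a short decimal number means the sender
            # uses another framing (for example LF); fail instead of buffering.
            if not digits.isdigit() or len(digits) > len(str(self.max_len)):
                raise FramingError(f"bad length prefix {bytes(digits[:16])!r}")
            if sep < 0:
                break  # length prefix still incomplete
            length = int(digits)
            if not 0 < length <= self.max_len:
                raise FramingError(f"length {length} out of range")
            end = sep + 1 + length
            if len(self.buf) < end:
                break  # message body still incomplete
            messages.append(bytes(self.buf[sep + 1:end]))
            del self.buf[:end]
        return messages
```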
To set up a network listener
Complete the following procedure for each network listener that you want to use:
- Navigate to the System > Network > Config page.
If no listeners are configured, the following page is displayed. (After you configure a listener, this page summarizes the configured listeners and provides statistics about the messages received.) Click Add New Listener.
The following page is displayed for a new listener:
- (Optional) On the Add Network Listener page, enter a description (up to 80 characters) to distinguish the network listener from others.
The description is displayed on pages where you can select from a list of configured listeners.
If you leave the Description box empty, the product assigns a default description in the following format:
RECV protocol portNumber.
- From the Enable list, select to enable the network listener.
Enabling the listener opens the configured port and accepts incoming connections and messages. You can enable or disable a listener at any time, but you might have to wait a few minutes for changes to take effect.
- From the Protocol list, select one of the following network protocols to use for connection and message delivery:
  - UDP (default)
  - TCP
  - TCP-TLS—See Setting up a TLS connection for TCP listeners and forwarders to complete the TLS options.
- In the Port box, enter the port number on which the listener accepts incoming connections.
Ensure that the port number is not blocked by a firewall.
- Select a Message Framing character option:
  - CR—Carriage return (default)
  - LF—Line feed
  - CRLF—Carriage return plus line feed
  - NULL
  - OCTET—Octet counting
  - None
- In the Message Buffer Size box, adjust the number of messages to buffer when there is a high processing load on the receiving system.
Buffering enables processing of the received messages without message loss. The buffer is typically empty except for heavy bursts of message traffic.
The range is from 1,000 to 20,000,000 messages. The default value is 1,000,000.
- (SPE2201) (For TCP or TCP-TLS protocols) In the Maximum Active Connections For This Listener box, adjust the maximum number of active connections to allow for the expected number of incoming connections.
When a new incoming TCP/TLS connection is established, a message is displayed in the product. Messages are also displayed when the number of connections is close to the maximum or when a connection is rejected because the maximum number of connections has been reached.
The upper limit is 500 and the default value is 10.
- (For TCP or TCP-TLS protocols) From the Enable TCP Keepalive option, select Yes if you want to quickly detect network connection issues with a remote peer.
Adjust the following parameters as required:

| Parameter | Description |
| --- | --- |
| TCP Keepalive Interval | Wait time in milliseconds to receive a message from a peer before sending another TCP keepalive packet. Valid values are 100 to 20,000,000. The default value is 1,000. |
| TCP Keepalive ACK Timeout | Wait time in milliseconds for the remote peer to acknowledge receipt of a sent TCP keepalive packet. The system uses this timeout value to determine if the remote peer is still connected. Valid values are 100 to 20,000,000. The default value is 1,000. |
| TCP Socket Send Timeout | Maximum wait time in milliseconds for a TCP data packet to be sent, as used by the operating system's networking stack. Valid values are 100 to 20,000,000. The default value is 1,000. |
| TCP Socket Receive Timeout | Duration in milliseconds for an incoming TCP packet to be fully received. Valid values are 100 to 20,000,000. The default value is 1,000. |

- Click Save.
When you save your changes, the product updates the values in all places where the listener is displayed.