Skip to main content
Version: Spectra Analyze 9.5.2

Configuration Management using Spectra Detect Manager

info

All configuration options managed by Spectra Detect Manager are available through the Spectra Detect Management API, providing programmatic access for automation and integration purposes.

ReversingLabs Spectra Detect Manager allows users to create groups of pre-configured settings, and apply those settings to selected ReversingLabs appliances. This feature makes it possible to configure multiple appliances, and to ensure they all have consistent and correct settings.

Spectra Analyze appliances managed by the Spectra Detect Manager will have the option to disconnect the appliance from the Manager in the top right corner of the Administration > Configuration section. Disconnecting the appliance from the Manager will re-configure Spectra Analyze.

Additionally, it is possible to confirm that the appliances are properly connected by checking the Spectra Detect Manager status on the System Status page, under External Services Connectivity.

The same SNMP community string configured on the appliance (in the Administration ‣ Configuration ‣ SNMP dialog) must be used when adding the appliance to the Spectra Detect Manager instance (in the Add new appliance dialog). This ensures that Spectra Detect Manager can display the appliance status information correctly, and that changes saved on the Manager can be propagated to the appliance.

When configuration values are changed on Spectra Detect Manager for a group that the appliance belongs to, the appliance will be restarted.

The Spectra Detect Manager Central Configuration feature can be used to manage the following settings on ReversingLabs Spectra Analyze appliances:

Spectra Intelligence - Multiple Spectra Analyze instances should not be configured to use the same cloud account, as this can interfere with appliance functionality, and particularly with YARA ruleset synchronization. It is advised to use these settings only if there is just one Spectra Analyze appliance in the configuration group.

T1000 File Reputation Appliance

SMTP

SNMP

Cuckoo Integration

User Directory

System Time

Spectra Detect Worker Store Integration

System Alerting