Getting Started
- System Requirements
- Installation
- Registration
- Version Support Policy
- Assign Service Logon As Credentials
Agent-Based Management
Data Providers
- Data Provider Properties
- SQLite Properties
- MySQL Properties
- Microsoft SQL Server Properties
- File System Properties
Directory Services
Event Log Archiving for JSIG and CMMC Compliance
Auditing
- Audit Work Items
- Self-Auditing
- Group Policy Auditing
Hosts
- Adding Hosts
- Host Properties
- Batch Update Hosts
- Agent Properties
- Logon As Properties
- SFTP Properties
- FTP/S Properties
- SNMP Device Connection Properties
- WMI
- Contact
- Exclusions
- Inventory
- Docker
- Host Assignments
Templates
- Template Properties
- Batch Update Templates
- Assign Templates
- Log Management Templates
- SCAP Compliance Monitor
- File and Directory Monitor Templates
- Windows Monitor Templates
- Windows Management Instrumentation (WMI) Templates
- SSL Certificate Monitor Templates
- Email Monitor Templates
- SNMP Monitor Templates
- Windows Accounts Templates
Monitors
- Monitor Hierarchy
- Temporarily Suppress Monitors Actions
Reports
- Report Properties
- Artificial Intelligence Reports
  - AI Anomaly Detection Report
    - AI Anomaly Detection Report (Template Triggers)
- Security Reports
- Generic Log Reports
- SIEM Report
- SIEM Chart Report
- Azure Active Directory Audit Log Report
- Event Log Report
- SNMP Trap Report
- Syslog Report
- Databse Log Report
- Event Log Summary Report
File and Permission Reports
- File and Directory Access Permissions Report
- Duplicate Files Report
- File Activity Report
- Largest Files Report
- Sorted Files Report
Summary Reports
- Host Inventory Report
- Summary Report
- Collection Report
- Hash Check Reports
Auto-Configurators
Filters
- Simple Filters
- Complex Filters
Actions
- Database Actions
- Desktop Actions
- Email Actions
- Event Log Actions
- Executable Actions
- File Actions
- IIS IP Address Restriction Actions
- Microsoft Teams Actions
- PowerShell Actions
- Report Actions
- Service Actions
- SMS Actions
- SNMP Trap Actions
- Syslog Actions
- Template Actions
- IIS IP Address Restriction Actions
- Action Variables
Schedules
- Fixed Schedules
- Range Schedules
- Real-Time Schedules
Environment Variables
Options
- Email Settings
- Security Settings
- Syslog Server Settings
- SNMP Trap Server Settings
- Log Viewer Settings
- Web Proxy Settings
- Miscellaneous Settings
Account Lockout Monitoring and Reporting
Merging Logs
SNMP
- SNMP Browser
SSH Shell
Syslog
Exporting and Importing Configuration Objects
Shared Views
- Active Directory User and Group Filters
- Assign Actions
- Assign Azure Audit Logs
- Assign Consolidated Logs
- Assign Directories
- Assign Disks
- Assign Event Logs
- Assign Files
- Assign Services
- Assign Shares
- Auto-Config Host Assignment Properties
- Define CSV and W3C Log Entry Columns
- Define Log Entry Columns
- Define Log Entry Columns with Regular Expressions
- Executable Status
- Executable Timeline
- Explicitly Assigned Logs
- File Explorer
- General Executable Properties
- Report Columns
- Report Date/Time Ranges
- Report Security Event Log Filters
- Select Folder or File
- Target Files and Sub-Directories
Command Line Interface
Server Configuration
Agent Configuration
Troubleshooting
- Arithmetic Overflow
- Access Denied
- MySQL: Fatal error encountered during command execution
- Invalid Class
- No Such Interface Supported
- Quota Violation
- The File Exists Errors
- The Interface is Unknown
- The RPC Server is Unavailable
- NetBIOS Errors
Terminology

Server Configuration

By default, the server runs unencrypted on port 21843. You can configure to server to run on TLS 1.2 and on the port of your choosing.

The configuration is implemented through the tcpserver.json file located in the programdata directory.

On Windows, the default location is:
C:\ProgramData\Corner Bowl\Server Manager\tcpserver.json

On Linux, the default location is:
/usr/share/corner-bowl/server-manager/tcpserver.json

In this Topic

How to Configure Encrypted Communications on Windows Installations
How to Configure Encrypted Communications on Linux Installations
How to Connect from the Management Console
Configuration File Reference (tcpserver.json)
Sample File Contents (tcpserver.json)
Troubleshooting

How to Configure Encrypted Communications on Windows Installations

From the Windows Server that the Corner Bowl Server Manager Service is installed, use the Windows Certificate Manager to install a SSL certificate.
Once you have a valid SSL certificate installed, open a command prompt as Administrator.

Type:
Notepad.exe
From Notepad, select File | Open.
Select:
C:\ProgramData\Corner Bowl\Server Manager\tcpserver.json
Find TlsConfiguration | Enabled then set the value to true.
Find TlsConfiguration | Certificate then set the value to one of the following values found in the Windows Certificate Manager:

Attribute	Sample Value	Search Order
Thumbprint	1E2CCCC2461DFD3FD925CDA17E5DCAD17B95D94B	1
Serial Number	5C588F17F5225B9C4CE09E9D42E0DB94	3
Subject Distinguished Name	CN=LocalhostName,OU=IT,O=\"Corner Bowl Software\",L=Kamas,S=Utah,C=US	2
Subject Name	LocalhostName	4

Note

For information on how to create a self-signed certificate see:

New-SelfSignedCertificate

Save your changes.
From the Windows Service Control Manager, restart the Corner Bowl Server Manager service.

Important

If you have configured the Management Console to save your password, the first time you login after either enabling or disabling TLS 1.2 you must wait for the connection to first timeout before you have the opportunity to apply your updates.

How to Configure Encrypted Communications on Linux Installations

Install a SSL Certificate into the .Net Certificate Store. For more information see: Linux Server Installation
Once installed, add the certificate to your .Net Certificate Store using the Server Manager Command-Line Interface, for example:

cd /usr/bin/corner-bowl/server-manager 
/usr/bin/dotnet cbsmcli.dll -ic -f /etc/pki/CA/private/servercert.pfx

Using a text editor, open the /usr/share/corner-bowl/server-manager/tcpserver.json file.
Find TlsConfiguration | Enabled then set the value to true.
Find TlsConfiguration | Certificate then set the value to one of the following values found in the Windows Certificate Manager:

Attribute	Sample Value	Search Order
Distinguished Name	LocalhostName	1

Note

For information on how to create a self-signed certificate see:

Linux Server Installation

Save your changes.
From a command-prompt, restart the Daemon, for example:

sudo systemctl stop cbsmsrv 
sudo systemctl start cbsmsrv

How to Connect from the Management Console

Launch the Corner Bowl Management Console.
Configure the options accordingly, then click Login.

Important

Configuration File Reference (tcpserver.json)

Attribute	Description	Range of Values	Default Value
Host	The hostname the Corner Bowl Server Manager Service is running.	Any network routable hostname or IP address. Values must be wrapped with quotes.	"0.0.0.0"
Port	The port the Corner Bowl Server Manager Service is running.	1 - 65344	21843
IdleTimeout	A Int32 that specifies the maximum number of seconds allowed to pass between command packets. Once exceeded, the remote connection is closed.	1 - 65344	300
ReceiveTimeout	An Int32 that specifies the amount of time, in seconds, that will elapse before a read operation fails.	1 - 65344	120
SendTimeout	An Int32 that specifies the amount of time, in seconds, that will elapse before a read operation fails.	1 - 65344	120
TlsConfiguration	Encapsulates the SSL/TLS 1.2 configuration properties.
Enabled	A Boolean that specifies whether SSL/TLS 1.2 is enabled.	true or false	false
Certificate	A string that specifies the name of the X509Certificate used to authenticate.	On Windows, the Thumbprint is suggested, however, you can also specify the Serial Number, Subject Distinguished Name or Subject Name. On Linux, the value must be the network routable hostname. If specified, the value must be wrapped in quotes otherwise specify null without quotes.	null
AllowSelfSignedCertificate	A Boolean value that specifies whether self-signed certificates are supported.	true or false	true
CheckCertificateRevocation	A Boolean value that specifies whether the certificate revocation list is checked during authentication.	true or false	false
AllowCertificateChainErrors	A Boolean value that specifies whether the certificate chain is checked during authentication.	true or false	true

Sample File Contents (tcpserver.json)

{
  "Host": "0.0.0.0", 
  "Port": 21843, 
  "IdleTimeout": 300, 
  "ReceiveTimeout": 120, 
  "SendTimeout": 120, 
  "TlsConfiguration": {
    "Enabled": false, 
    "Certificate": null, 
    "RequireRemoteCertificate": false, 
    "AllowSelfSignedCertificate": false, 
    "CheckCertificateRevocation": false, 
    "AllowCertificateChainErrors": false 
  }
}

Troubleshooting

If you are unable to connect to the service using TLS 1.2, you can view the service''s verbose output log for detailed information. The log file is located in the following path:

On Windows the location is:
C:\ProgramData\Corner Bowl\Server Manager\server.log

On Linux the location is:
/var/log/corner-bowl/server.log

Table of Contents