Configure the .NET Core agent
The standard configuration for all agents uses this order of precedence.
Depending on your situation, you can configure the .NET Core agent with:
Configure the .NET Core agent for Azure App Service
When using Azure App Service, you can configure the .NET Core agent with:
- The Azure Portal: Configure the .NET Core agent using environment variables. Add all settings to the Application Settings section of the Configuration blade using environment variable syntax.
- Environment variables in a web.config file: Place your overrides, using the environment variable convention, in the <environmentVariables> section of the <aspNetCore> element.
- A YAML configuration file: Upload the file to your Azure web application by including it in your application deployment or by using the Kudu console. In the Configuration\Application Settings blade, add a new application setting called CONTRAST_CONFIG_PATH with a value that points to this file. For example, to use the contrast_security.yaml file in the root of your application, add a new application setting with the key CONTRAST_CONFIG_PATH and the value D:\Home\site\wwwroot\contrast_security.yaml in Configuration\Application Settings. Application files in Azure App Service are deployed to D:\home\site\wwwroot.
Configure .NET Core with environment variables
If you are using IIS, you can configure application settings for the .NET Core agent by adding environment variables in the web.config file or in launchSettings.json.
Tip
You can convert any of the properties in the .NET Core YAML template to environment variables. To change the agent's logging level (agent.logger.level) to "TRACE", add a setting with key CONTRAST__AGENT__LOGGER__LEVEL and value "TRACE". To change the agent's server name (server.name) to "MyServer", add a setting with key CONTRAST__SERVER__NAME and value "MyServer".
Here are some of the most common settings:

| Environment variable | Purpose |
|---|---|
| CONTRAST__APPLICATION__NAME | Specify the application name reported to Contrast. |
| CONTRAST__APPLICATION__GROUP | Specify the access group for this application. (You must have already created access groups.) |
| CONTRAST__APPLICATION__SESSION_METADATA | Provide metadata which is used to create a new session ID in the Contrast web interface. Vulnerabilities discovered by the agent are associated with this new session. |
| CONTRAST__SERVER__NAME | Specify the server name reported to Contrast. |
| CONTRAST__SERVER__ENVIRONMENT | Specify in which environment the application is running (Development, QA and Production). |
See the .NET Core YAML template for a description of other available properties.
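The YAML-path-to-environment-variable conversion described above, plus the web.config rendering for the Azure App Service case, as an added example (not Contrast's own tooling). It assumes only the rule the page states (CONTRAST prefix, upper-cased path segments joined with double underscores); the sample settings and the EXAMPLE_* credential values are constructed.

```python
"""Map Contrast .NET Core agent YAML settings to their environment-variable form.

Added example, not Contrast's own tooling. Assumes only the mapping rule on the
page: the YAML path `agent.logger.level` becomes CONTRAST__AGENT__LOGGER__LEVEL.
The sample settings at the bottom are constructed for illustration.
"""
import base64
import json
from typing import Any, Dict, List, Tuple
from xml.sax.saxutils import quoteattr

PREFIX = "CONTRAST"
REQUIRED_API_KEYS = ("url", "api_key", "service_key", "user_name")
UNSET = (None, "", "NEEDS_TO_BE_SET")  # the template placeholder counts as unset


def yaml_path_to_env(path: str) -> str:
    """agent.logger.level -> CONTRAST__AGENT__LOGGER__LEVEL."""
    segments = [s.strip() for s in path.split(".") if s.strip()]
    if not segments:
        raise ValueError("empty configuration path")
    return "__".join([PREFIX] + [s.upper() for s in segments])


def env_to_yaml_path(name: str) -> str:
    """Inverse mapping, e.g. to read an App Service setting back to its YAML path."""
    parts = name.split("__")
    if parts[0] != PREFIX or len(parts) < 2 or not all(parts[1:]):
        raise ValueError(f"not a Contrast setting name: {name}")
    return ".".join(p.lower() for p in parts[1:])


def _to_text(value: Any) -> str:
    """Render values the way the YAML template writes them (true/false, not True/False)."""
    if isinstance(value, bool):
        return "true" if value else "false"
    return str(value)


def flatten(settings: Dict[str, Any], parent: str = "") -> List[Tuple[str, str]]:
    """Walk a nested settings dict and return (ENV_NAME, value) pairs.

    The page only shows the rule for keys made of letters and underscores; how
    hyphenated rule names (e.g. protect.rules.sql-injection) map to environment
    variables is not stated, so such keys are rejected rather than guessed.
    """
    pairs: List[Tuple[str, str]] = []
    for key, value in settings.items():
        if "-" in key:
            raise ValueError(f"hyphenated key {key!r}: set it in the YAML file instead")
        path = f"{parent}.{key}" if parent else key
        if isinstance(value, dict):
            pairs.extend(flatten(value, path))
        else:
            pairs.append((yaml_path_to_env(path), _to_text(value)))
    return pairs


def to_web_config(pairs: List[Tuple[str, str]]) -> str:
    """Render the <environmentVariables> block that goes inside <aspNetCore> in web.config."""
    lines = ["<environmentVariables>"]
    for name, value in pairs:
        lines.append(f"  <environmentVariable name={quoteattr(name)} value={quoteattr(value)} />")
    lines.append("</environmentVariables>")
    return "\n".join(lines)


def check_settings(settings: Dict[str, Any]) -> List[str]:
    """Return the misconfigurations the template warns about (empty list if none)."""
    problems: List[str] = []
    api = settings.get("api", {})
    present = {k for k in REQUIRED_API_KEYS if api.get(k) not in UNSET}
    token = api.get("token")
    if token not in UNSET:
        # api.token is a base64-encoded JSON object carrying the four required options
        try:
            data = json.loads(base64.b64decode(token, validate=True))
            if not isinstance(data, dict):
                raise ValueError("token payload is not a JSON object")
            present |= set(data) & set(REQUIRED_API_KEYS)
        except ValueError:
            problems.append("api.token is not a base64-encoded JSON object")
    for key in REQUIRED_API_KEYS:
        if key not in present:
            problems.append(f"api.{key} is required but not set")
    app = settings.get("application", {})
    if app.get("session_id") not in UNSET and app.get("session_metadata") not in UNSET:
        problems.append("application.session_id and application.session_metadata are "
                        "mutually exclusive; the agent would be disabled")
    return problems


def make_token(url: str, api_key: str, service_key: str, user_name: str) -> str:
    """Build the api.token form: base64 of a JSON object holding the four options."""
    payload = {"url": url, "api_key": api_key, "service_key": service_key, "user_name": user_name}
    return base64.b64encode(json.dumps(payload).encode()).decode()


# Constructed sample: credentials arrive via api.token, the rest are overrides.
SAMPLE_SETTINGS: Dict[str, Any] = {
    "api": {"token": make_token("https://app.contrastsecurity.com/Contrast",
                                "EXAMPLE_API_KEY", "EXAMPLE_SERVICE_KEY", "agent@example.com")},
    "agent": {"logger": {"level": "TRACE", "stdout": True}},
    "server": {"name": "MyServer", "environment": "QA"},
    "application": {"name": "orders-api", "session_metadata": "branchName=main,buildNumber=42"},
}

if __name__ == "__main__":
    print(to_web_config(flatten(SAMPLE_SETTINGS)))
    for problem in check_settings(SAMPLE_SETTINGS):
        print("PROBLEM:", problem)
```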
.NET Core YAML configuration template
Use this template to configure the .NET Core agent using a YAML configuration file.
```yaml
# ==============================================================================
# Use the properties in this YAML file to configure a Contrast agent.
# Go to https://docs.contrastsecurity.com/en/order-of-precedence.html
# to determine the order of precedence for configuration values.
# ==============================================================================

# Use this setting if you want to temporarily disable a Contrast agent.
# Set to `true` to enable the agent; set to `false` to disable the agent.
# enable: true

# ==============================================================================
# api
# Use the properties in this section to connect the agent to the Contrast UI.
# ==============================================================================
api:

  # ********************** REQUIRED **********************
  # Set the URL for the Contrast UI.
  url: https://app.contrastsecurity.com/Contrast

  # ********************** REQUIRED **********************
  # Set the API key needed to communicate with the Contrast UI.
  api_key: NEEDS_TO_BE_SET

  # ********************** REQUIRED **********************
  # Set the service key needed to communicate with the Contrast
  # UI. It is used to calculate the Authorization header.
  service_key: NEEDS_TO_BE_SET

  # ********************** REQUIRED **********************
  # Set the user name used to communicate with the Contrast
  # UI. It is used to calculate the Authorization header.
  user_name: NEEDS_TO_BE_SET

  # base64 encoded JSON object containing the `url`,
  # `api_key`, `service_key`, and `user_name` config options,
  # allowing them all to be set in a single variable.
  # token: NEEDS_TO_BE_SET

  # Set the version of the TLS protocol the agent uses to communicate with the
  # Contrast UI. The .NET agent default behavior is (SecurityProtocolType.Tls
  # | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12).
  # tls_versions: tls|tls11|tls12

  # ============================================================================
  # api.certificate
  # Use the following properties for communication
  # with the Contrast UI using certificates.
  # ============================================================================
  # certificate:

    # If set to `false`, the agent will ignore the
    # certificate configuration in this section.
    # enable: true

    # Determine the location from which the agent loads a client
    # certificate. Value options include `File` or `Store`.
    # certificate_location: NEEDS_TO_BE_SET

    # Set the absolute path to the client certificate's
    # .CER file for communication with Contrast UI. The
    # `certificate_location` property must be set to `File`.
    # cer_file: NEEDS_TO_BE_SET

    # Specify the name of certificate store to open. The
    # `certificate_location` property must be set to `Store`.
    # Value options include `AuthRoot`, `CertificateAuthority`,
    # `My`, `Root`, `TrustedPeople`, or `TrustedPublisher`.
    # store_name: NEEDS_TO_BE_SET

    # Specify the location of the certificate store. The
    # `certificate_location` property must be set to `Store`.
    # Value options include `CurrentUser` or `LocalMachine`.
    # store_location: NEEDS_TO_BE_SET

    # Specify the type of value the agent uses to find the certificate
    # in the collection of certificates from the certificate store.
    # The `certificate_location` property must be set to `Store`.
    # Value options include `FindByIssuerDistinguishedName`,
    # `FindByIssuerName`, `FindBySerialNumber`,
    # `FindBySubjectDistinguishedName`, `FindBySubjectKeyIdentifier`,
    # `FindBySubjectName`, or `FindByThumbprint`.
    # find_type: NEEDS_TO_BE_SET

    # Specify the value the agent uses in combination with
    # `find_type` to find a certification in the certificate store.
    #
    # Note - The agent will use the first certificate from
    # the certificate store that matches this search criteria.
    #
    # find_value: NEEDS_TO_BE_SET

  # ============================================================================
  # api.proxy
  # Use the following properties for communication
  # with the Contrast UI over a proxy.
  # ============================================================================
  # proxy:

    # Set value to `true` for the agent to communicate
    # with the Contrast web interface over a proxy. Set
    # value to `false` if you don't want to use the proxy.
    # enable: NEEDS_TO_BE_SET

    # Set the URL for your Proxy Server. The URL form is `scheme://host:port`.
    # url: NEEDS_TO_BE_SET

    # Set the proxy user.
    # user: NEEDS_TO_BE_SET

    # Set the proxy password.
    # pass: NEEDS_TO_BE_SET

    # Set the proxy authentication type. Value
    # options are `NTLM`, `Digest`, and `Basic`.
    # auth_type: NEEDS_TO_BE_SET

# ==============================================================================
# agent
# Use the properties in this section to control the way and frequency
# with which the agent communicates to logs and the Contrast UI.
# ==============================================================================
# agent:

  # ============================================================================
  # agent.route_coverage
  # Use the following properties for the route-based coverage feature.
  # ============================================================================
  # route_coverage:

    # Set to `false` to stop the agent from sending
    # route-based coverage data to the Contrast UI when the
    # application returns an error code indicating
    # the request was not processed as expected.
    #
    # report_on_error: false

  # ============================================================================
  # agent.logger
  # Define the following properties to set logging values.
  # If the following properties are not defined, the
  # agent uses the logging values from the Contrast UI.
  # ============================================================================
  # logger:

    # Set the log output level. Valid options are
    # `ERROR`, `WARN`, `INFO`, `DEBUG`, and `TRACE`.
    # level: INFO

    # Set to `true` to redirect all logs to
    # `stdout` instead of the file system.
    # stdout: false

    # Set the roll size for log files in megabytes. The agent will
    # attempt to prevent the log file from being larger than this size.
    # roll_size: 100

    # Set the number of backup files to keep. Set to `0` to disable.
    # backups: 10

  # ============================================================================
  # agent.security_logger
  # Define the following properties to set security logging
  # values associated with Protect. If not defined, the agent
  # uses the security logging (CEF) values from the Contrast UI.
  # ============================================================================
  # security_logger:

    # Set the log level for security logging. Valid options
    # are `ERROR`, `WARN`, `INFO`, `DEBUG`, and `TRACE`.
    # level: ERROR

    # ==========================================================================
    # agent.security_logger.syslog
    # Define the following properties to set Syslog values. If the properties
    # are not defined, the agent uses the Syslog values from the Contrast UI.
    # ==========================================================================
    # syslog:

      # Set to `true` to enable Syslog logging.
      # enable: NEEDS_TO_BE_SET

      # Set the IP address of the Syslog server
      # to which the agent should send messages.
      # ip: NEEDS_TO_BE_SET

      # Set the port of the Syslog server to
      # which the agent should send messages.
      # port: NEEDS_TO_BE_SET

      # Set the facility code of the messages the agent sends to Syslog.
      # facility: 19

      # Set the log level of Exploited attacks. Value options are `ALERT`,
      # `CRITICAL`, `ERROR`, `WARNING`, `NOTICE`, `INFO`, and `DEBUG`.
      # severity_exploited: ALERT

      # Set the log level of Blocked attacks. Value options are `ALERT`,
      # `CRITICAL`, `ERROR`, `WARNING`, `NOTICE`, `INFO`, and `DEBUG`.
      # severity_blocked: NOTICE

      # Set the log level of Blocked At Perimeter
      # attacks. Value options are `ALERT`, `CRITICAL`,
      # `ERROR`, `WARNING`, `NOTICE`, `INFO`, and `DEBUG`.
      # severity_blocked_perimeter: NOTICE

      # Set the log level of Probed attacks. Value options are `ALERT`,
      # `CRITICAL`, `ERROR`, `WARNING`, `NOTICE`, `INFO`, and `DEBUG`.
      # severity_probed: WARNING

      # Set the log level of Suspicious attacks. Value options are `ALERT`,
      # `CRITICAL`, `ERROR`, `WARNING`, `NOTICE`, `INFO`, and `DEBUG`.
      # severity_suspicious: WARNING

      # Set the connection type used for Syslog messages.
      # Value options are `UNENCRYPTED` and `ENCRYPTED`.
      # connection_type: UNENCRYPTED

  # ============================================================================
  # agent.dotnet
  # The following properties apply to any .NET agent-wide configurations.
  # ============================================================================
  # dotnet:

    # Set a list of application pool names that the agent does not
    # instrument or analyze. Names must be formatted as a comma-separated
    # list. New after .NET Framework 19.1.3 and .NET Core 4.0.2.
    # app_pool_denylist: NEEDS_TO_BE_SET

    # Set a list of application pool names that the agent instruments or
    # analyzes. If set, other application pools are ignored. Allowlist takes
    # precedence over denylist. Names must be formatted as a comma-separated
    # list. New after .NET Framework 19.1.3 and .NET Core 4.0.2.
    # app_pool_allowlist: NEEDS_TO_BE_SET

    # Set a list of application names that the agent does not
    # analyze. (The applications are still instrumented).
    # Names must be formatted as a comma-separated list.
    # New after .NET Framework 19.1.3 and .NET Core 1.0.0.
    # application_denylist: NEEDS_TO_BE_SET

    # Set a list of application names that the agent analyzes.
    # If set, other applications are not analyzed, but are
    # still instrumented. Allowlist takes precedence over
    # denylist. Names must be formatted as a comma-separated
    # list. New after .NET Framework 19.1.3 and .NET Core 1.0.0.
    # application_allowlist: NEEDS_TO_BE_SET

    # Enable a profiler chaining feature to allow Contrast to
    # work alongside other tools that use the CLR Profiling
    # API. Defaults to `true`. New after .NET Framework 19.1.3
    # (Installed Only) and .NET Core 1.9.3 (Installed Only).
    # enable_chaining: true

    # Indicate that the agent should monitor configuration files for
    # changes. New after .NET Framework 50.0.15 and .NET Core 2.1.14.
    # enable_file_watching: true

    # Indicate that the agent should allow CLR optimizations
    # of JIT-compiled methods. Defaults to `true`. New
    # after .NET Framework 19.1.3 and .NET Core 1.0.0.
    # enable_instrumentation_optimizations: true

    # Indicate that the agent should allow the CLR to inline
    # methods that are not instrumented by Contrast. Defaults to
    # `true`. New after .NET Framework 19.1.3 and .NET Core 1.0.0.
    # enable_jit_inlining: true

    # Indicate that the agent should allow the CLR to perform
    # transparency checks under full trust. Defaults to `false`.
    # New after .NET Framework 19.1.3 and .NET Core 1.0.0.
    # enable_transparency_checks: false

    # Set to display ASCII art to std::out on agent startup. Defaults
    # to `true`. New after .NET Framework 20.6.3 and .NET Core 1.0.0.
    # enable_cat: true

    # Sets the maximum amount of time a Protect regular expression
    # is allowed to run before being cancelled. Set to -1 to never
    # cancel regular expression execution. Defaults to `20_000`.
    # New after .NET Framework 20.4.3 and .NET Core 1.5.0.
    # protect_searchers_single_pattern_deadline_ms: 20_000

    # Sets the maximum amount of time a 'Probe Analysis' Protect
    # regular expression is allowed to run before being cancelled. Set
    # to -1 to never cancel regular expression execution. Defaults to
    # `5_000`. New after .NET Framework 20.7.3 and .NET Core 1.5.11.
    # protect_searchers_probe_analysis_single_pattern_deadline_ms: 5_000

    # Sets the maximum amount of time a Protect rule is
    # allowed to run before being cancelled. Set to -1 to never
    # cancel Protect rule execution. Defaults to `60_000`.
    # New after .NET Framework 20.4.3 and .NET Core 1.5.0.
    # protect_searchers_total_rule_deadline_ms: 60_000

    # Sets the maximum amount of time a 'Probe Analysis' Protect
    # rule is allowed to run before being cancelled. Set to -1 to
    # never cancel Protect rule execution. Defaults to `10_000`.
    # New after .NET Framework 20.7.3 and .NET Core 1.5.11.
    # protect_searchers_probe_analysis_total_rule_deadline_ms: 10_000

    # Sets the maximum duration of time agent log files should be kept
    # since last write before being deleted by the agent. Defaults to
    # `604_800_000`. New after .NET Framework 20.6.1 and .NET Core 1.5.5.
    # log_cleanup_maximum_age_ms: 604_800_000

    # Suppresses gathering process-level metrics (process level metrics are
    # gathered by default), used to identify performance problems. Metric
    # counters may further decrease the stability of already unstable
    # systems and can be disabled (set to true) if issues occur. Defaults
    # to `false`. New after .NET Framework 20.6.6 and .NET Core 1.5.10.
    # suppress_metric_counters: false

    # Enable file based application watching. Set to false if
    # file watching is causing locking issues. Defaults to `true`.
    # New after .NET Framework 20.7.3 and .NET Core 1.5.11.
    # enable_file_based_app_watching: true

# ==============================================================================
# inventory
# Use the properties in this section to override the inventory features.
# ==============================================================================
# inventory:

  # Set to `false` to disable inventory features in the agent.
  # enable: true

  # Apply a list of labels to libraries. Labels
  # must be formatted as a comma-delimited list.
  # Example - `label1, label2, label3`
  #
  # tags: NEEDS_TO_BE_SET

# ==============================================================================
# assess
# Use the properties in this section to control Assess.
# ==============================================================================
# assess:

  # Include this property to determine if the Assess
  # feature should be enabled. If this property is not
  # present, the decision is delegated to the Contrast UI.
  # enable: false

  # Control the values captured by Assess vulnerability events. `Full`
  # captures most values by calling ToString on objects, which can
  # provide more info but causes increased memory usage. `Minimal`
  # has better performance as it only captures String type objects
  # as strings and uses type name for other object type values.
  # event_detail: minimal

  # Apply a list of labels to vulnerabilities and preflight
  # messages. Labels must be formatted as a comma-delimited list.
  # Example - `label1, label2, label3`
  #
  # tags: NEEDS_TO_BE_SET

  # Value options are `ALL`, `SOME`, or `NONE`.
  # stacktraces: ALL

  # ============================================================================
  # assess.sampling
  # Use the following properties to control sampling in the agent.
  # ============================================================================
  # sampling:

    # Set to `true` to enable sampling.
    # enable: false

    # This property indicates the number of requests
    # to analyze in each window before sampling begins.
    # baseline: 5

    # This property indicates that every *nth*
    # request after the baseline is analyzed.
    # request_frequency: 10

    # This property indicates the duration for which a sample set is valid.
    # window_ms: 180_000

  # ============================================================================
  # assess.rules
  # Use the following properties to control simple rule configurations.
  # ============================================================================
  # rules:

    # Define a list of Assess rules to disable in the agent. To view a
    # list of rule names, in Contrast go to user menu > Policy Management >
    # Assess rules. The rules must be formatted as a comma-delimited list.
    #
    # Example - Set `reflected-xss,sql-injection` to disable
    # the reflected-xss rule and the sql-injection rule.
    #
    # disabled_rules: NEEDS_TO_BE_SET

# ==============================================================================
# protect
# Use the properties in this section to override Protect features.
# ==============================================================================
# protect:

  # Include this property to determine if the Protect
  # feature should be enabled. If this property is not
  # present, the decision is delegated to the Contrast UI.
  # enable: false

  # ============================================================================
  # protect.probe_analysis
  # Use the settings in this section to
  # control the behavior of probe analysis.
  # ============================================================================
  # probe_analysis:

    # Set to `false` to disable probe analysis.
    # enable: true

  # ============================================================================
  # protect.rules
  # Use the following properties to set simple rule configurations.
  # ============================================================================
  # rules:

    # Define a list of Protect rules to disable in the agent. To view a
    # list of rule names, in Contrast go to user menu > Policy Management >
    # Protect rules. The rules must be formatted as a comma-delimited list.
    # disabled_rules: NEEDS_TO_BE_SET

    # ==========================================================================
    # protect.rules.bot-blocker
    # Use the following selection to configure if the
    # agent blocks bots. Set to `true` to enable blocking.
    # ==========================================================================
    # bot-blocker:

      # Set to `true` for the agent to block known bots.
      # enable: false

    # ==========================================================================
    # protect.rules.sql-injection
    # Use the following settings to configure the sql-injection rule.
    # ==========================================================================
    # sql-injection:

      # Set the mode of the rule. Value options are
      # `monitor`, `block`, `block_at_perimeter`, or off.
      #
      # Note - If a setting says, "if blocking is enabled",
      # the setting can be `block` or `block_at_perimeter`.
      #
      # mode: off

    # ==========================================================================
    # protect.rules.sql-injection-semantic-chaining
    # Use the following properties to configure how the
    # sql injection semantic analysis chaining rule works.
    # ==========================================================================
    # sql-injection-semantic-chaining:

      # Set the mode of the rule. Value options
      # are `monitor`, `block` or `off`.
      # mode: off

    # ==========================================================================
    # protect.rules.sql-injection-semantic-dangerous-functions
    # Use the following properties to configure how the sql
    # injection semantic analysis dangerous functions rule works.
    # ==========================================================================
    # sql-injection-semantic-dangerous-functions:

      # Set the mode of the rule. Value options
      # are `monitor`, `block` or `off`.
      # mode: off

    # ==========================================================================
    # protect.rules.sql-injection-semantic-suspicious-unions
    # Use the following properties to configure how the sql
    # injection semantic analysis suspicious unions rule works.
    # ==========================================================================
    # sql-injection-semantic-suspicious-unions:

      # Set the mode of the rule. Value options
      # are `monitor`, `block` or `off`.
      # mode: off

    # ==========================================================================
    # protect.rules.sql-injection-semantic-tautologies
    # Use the following properties to configure how the sql
    # injection semantic analysis tautologies rule works.
    # ==========================================================================
    # sql-injection-semantic-tautologies:

      # Set the mode of the rule. Value options
      # are `monitor`, `block` or `off`.
      # mode: off

    # ==========================================================================
    # protect.rules.cmd-injection
    # Use the following properties to configure
    # how the command injection rule works.
    # ==========================================================================
    # cmd-injection:

      # Set the mode of the rule. Value options are
      # `monitor`, `block`, `block_at_perimeter`, or `off`.
      #
      # Note - If a setting says, "if blocking is enabled",
      # the setting can be `block` or `block_at_perimeter`.
      #
      # mode: off

      # Tell the agent to detect when commands come directly
      # from input. The agent blocks if blocking is enabled.
      # detect_phased_commands: true

    # ==========================================================================
    # protect.rules.cmd-injection-semantic-chained-commands
    # Use the following properties to configure how the
    # 'command injection - chained commands' rule works
    # ==========================================================================
    # cmd-injection-semantic-chained-commands:

      # Set the mode of the rule. Value options
      # are `monitor`, `block`, or `off`.
      # mode: off

    # ==========================================================================
    # protect.rules.cmd-injection-semantic-dangerous-paths
    # Use the following properties to configure how the
    # 'command injection - dangerous paths' rule works
    # ==========================================================================
    # cmd-injection-semantic-dangerous-paths:

      # Set the mode of the rule. Value options
      # are `monitor`, `block`, or `off`.
      # mode: off

    # ==========================================================================
    # protect.rules.cmd-injection-command-backdoors
    # Use the following properties to configure how the
    # 'command injection - command backdoors' rule works
    # ==========================================================================
    # cmd-injection-command-backdoors:

      # Set the mode of the rule. Value options
      # are `monitor`, `block`, or `off`.
      # mode: off

    # ==========================================================================
    # protect.rules.path-traversal-semantic-file-security-bypass
    # Use the following properties to configure how the
    # 'path traversal - file security bypass' rule works
    # ==========================================================================
    # path-traversal-semantic-file-security-bypass:

      # Set the mode of the rule. Value options
      # are `monitor`, `block`, or `off`.
      # mode: off

    # ==========================================================================
    # protect.rules.path-traversal
    # Use the following properties to configure
    # how the path traversal rule works.
    # ==========================================================================
    # path-traversal:

      # Set the mode of the rule. Value options are
      # `monitor`, `block`, `block_at_perimeter`, or `off`.
      #
      # Note - If a setting says, "if blocking is enabled",
      # the setting can be `block` or `block_at_perimeter`.
      #
      # mode: off

    # ==========================================================================
    # protect.rules.method-tampering
    # Use the following properties to configure
    # how the method tampering rule works.
    # ==========================================================================
    # method-tampering:

      # Set the mode of the rule. Value options are
      # `monitor`, `block`, `block_at_perimeter`, or `off`.
      #
      # Note - If a setting says, "if blocking is enabled",
      # the setting can be `block` or `block_at_perimeter`.
      #
      # mode: off

    # ==========================================================================
    # protect.rules.reflected-xss
    # Use the following properties to configure how
    # the reflected cross-site scripting rule works.
    # ==========================================================================
    # reflected-xss:

      # Set the mode of the rule. Value options are
      # `monitor`, `block`, `block_at_perimeter`, or `off`.
      #
      # Note - If a setting says, "if blocking is enabled",
      # the setting can be `block` or `block_at_perimeter`.
      #
      # mode: off

    # ==========================================================================
    # protect.rules.unsafe-file-upload
    # Use the following properties to configure
    # how the unsafe file upload rule works.
    # ==========================================================================
    # unsafe-file-upload:

      # Set the mode of the rule. Value options are
      # `monitor`, `block`, `block_at_perimeter`, or `off`.
      #
      # Note - If a setting says, "if blocking is enabled",
      # the setting can be `block` or `block_at_perimeter`.
      #
      # mode: off

    # ==========================================================================
    # protect.rules.xxe
    # Use the following properties to configure
    # how the XML external entity rule works.
    # ==========================================================================
    # xxe:

      # Set the mode of the rule. Value options are
      # `monitor`, `block`, `block_at_perimeter`, or `off`.
      #
      # Note - If a setting says, "if blocking is enabled",
      # the setting can be `block` or `block_at_perimeter`.
      #
      # mode: off

    # ==========================================================================
    # protect.rules.untrusted-deserialization
    # Use the following properties to configure
    # how the untrusted deserialization rule works.
    # ==========================================================================
    # untrusted-deserialization:

      # Set the mode of the rule. Value options are
      # `monitor`, `block`, `block_at_perimeter`, or `off`.
      #
      # Note - If a setting says, "if blocking is enabled",
      # the setting can be `block` or `block_at_perimeter`.
      #
      # mode: off

# ==============================================================================
# application
# Use the properties in this section for
# the application(s) hosting this agent.
# ==============================================================================
# application:

  # Override the reported application name.
  #
  # Note - On systems where multiple, distinct applications may be served
  # by a single process, this configuration causes the agent to report
  # all discovered applications as one application with the given name.
  #
  # Note - On Java systems where multiple, distinct applications may be
  # served by a single process, this configuration causes the agent to report
  # all discovered applications as one application with the given name.
  #
  # name: NEEDS_TO_BE_SET

  # Add the name of the application group with which this
  # application should be associated in the Contrast UI.
  # group: NEEDS_TO_BE_SET

  # Add the application code this application should use in the Contrast UI.
  # code: NEEDS_TO_BE_SET

  # Override the reported application version.
  # version: NEEDS_TO_BE_SET

  # Apply labels to an application. Labels must
  # be formatted as a comma-delimited list.
  # Example - `label1,label2,label3`
  #
  # tags: NEEDS_TO_BE_SET

  # Define a set of `key=value` pairs (which conforms to RFC 2253) for
  # specifying user-defined metadata associated with the application. The
  # set must be formatted as a comma-delimited list of `key=value` pairs.
  # Example - `business-unit=accounting, office=Baltimore`
  #
  # metadata: NEEDS_TO_BE_SET

  # Provide the ID of a session which already exists in the Contrast
  # UI. Vulnerabilities discovered by the agent are associated with
  # this session. If an invalid ID is supplied, the agent will be
  # disabled. This option and `application.session_metadata` are
  # mutually exclusive; if both are set, the agent will be disabled.
  # session_id: NEEDS_TO_BE_SET

  # Provide metadata which is used to create a new session ID in the
  # Contrast UI. Vulnerabilities discovered by the agent are associated with
  # this new session. This value should be formatted as `key=value` pairs
  # (conforming to RFC 2253). Available key names for this configuration
  # are branchName, buildNumber, commitHash, committer, gitTag, repository,
  # testRun, and version. This option and `application.session_id` are
  # mutually exclusive; if both are set the agent will be disabled.
  # session_metadata: NEEDS_TO_BE_SET

# ==============================================================================
# server
# Use the settings in this section to set metadata for the server
# hosting this agent. Contrast recognizes common, supported server
# names, paths, types and environments. Doing this may require a new
# server or license, and it may affect functionality of some features.
# ==============================================================================
# server:

  # Override the reported server name.
  # name: localhost

  # Set the environment directly to override the default set
  # by the Contrast UI. This allows the user to configure the
  # environment dynamically at startup rather than manually
  # updating the Server in the Contrast UI themselves afterwards.
  #
  # Valid values include `QA`, `PRODUCTION` and `DEVELOPMENT`.
  # For example, `PRODUCTION` registers this Server as
  # running in a `PRODUCTION` environment, regardless of the
  # organization's default environment in the Contrast UI.
  #
  # environment: NEEDS_TO_BE_SET

  # Apply a list of labels to the server. Labels
  # must be formatted as a comma-delimited list.
  # Example - `label1,label2,label3`
  #
  # tags: NEEDS_TO_BE_SET

  # Override the reported server path. New after
  # .NET Framework v21.3.1 and .NET Core v1.8.0.
  # path: NEEDS_TO_BE_SET
```