High-volume data export using RabbitMQ - Security Center 5.12

Security Center Administrator Guide 5.12

Product
Security Center
Content type
Guides > Administrator guides
Version
5.12
Language
English
Last updated
2024-09-13

If you select the High Volume option in the Third-Party Data Exporter configuration, you must also connect to an instance of RabbitMQ queuing software. RabbitMQ is a message broker that routes data using a messaging queue. It can either be hosted on the same network or it can be a cloud version.

To enable the high-volume queuing, navigate to System > Roles > ALPR Manager > Data Exporter, and set the Queuing Protocol to High Volume.

RabbitMQ on a local network

You can install RabbitMQ on a server on your local network, however, you must consider the following:

  • The RabbitMQ installation can be long and complex compared to the cloud offering option.
  • The RabbitMQ instance needs to be monitored and updated regularly to make sure that no security issues are discovered over time.
  • RabbitMQ requires disk space to store the data that is waiting to be exported to the endpoint.

If you are using a local instance of RabbitMQ, HTTPS mode must be configured, and the TLS certificate used for the HTTPS must be used in the Communication settings.

A valid client certificate in the Data Exporter communication settings.

Cloud offering of RabbitMQ

As an alternative to the local RabbitMQ, you can use a cloud offering of RabbitMQ. This solution is more expensive because of the disk space requirements, but it is also more secure and more resilient. The RabbitMQ instance is usually created within minutes by the service provider, and is highly available.

IMPORTANT: There is currently a potential communication problem between the cloud version of RabbitMQ and Windows Server 2022. If Security Center is installed on a Windows Server 2022, the Third-Party Data Exporter might not be able to connect to a cloud instance of RabbitMQ.

If you are using a cloud instance of RabbitMQ, you must either request the TLS certificate from the service provider, or use a browser to download it directly, for example, from the RabbitMQ manager.

Exporting the RabbitMQ TLS certificate.

The TLS certificate must be used in the Communication settings as shown in the RabbitMQ on a local network section.

RabbitMQ uses virtual hosts to manage the access to queues and for administration. Some cloud service providers keep the default (/) for their own use as administrators. In that case, you can specify a virtual host in the Data Exporter. The Username is usually used as the virtual host.

Example of how cloud service providers might format the Hostname.
The Third-Party Data Exporter was tested using the CloudAMQP service provider. All of the necessary information is provided on their management portal:
Example using the AMQP service provider.
  Description
A Username
B Password
C Port to use for the connection
D Hostname and virtual host