PEP Server Configuration File

This page discusses about the pepserver.cfg file for DSG.

Accessing the pepserver.cfg File

  1. Login to the DSG Web UI.
  2. Navigate to Settings > System > Files.
  3. Open the pepserver.cfg file.

The following table helps you to understand the usage of the parameters listed in the pepserver.cfg configuration file for DSG.

Important: It is recommended that only the parameters listed in the following table are edited as per your requirement.

SectionParameter NameDescription
Application configurationpostdeploySet the path of any script that must be executed after the policy is deployed.
Logging configurationhostSet the host IP of the Log Forwarder, generally localhost, where the protector will send the logs.
 portSet the port number of the Log Forwarder to where the protector will send the logs.
modeSet how the logs must be handled in a situation where the connection to the Log Forwarder in the protector is lost.
Important: The default value is drop.
  • drop: Set to drop the logs when the connection to Log Forwarder is lost
  • error: Set to stop the data security operations and generate an error when the connection to Log Forwarder is lost.
outputSet the output type for the aggregated security logs.
  • tcp: Set to forward the security logs to the Log Forwarder
  • stdout: Set to send the security logs to the standard output screen.
Caution: Do not set the output=stdout setting in a production environment. This setting must be used only for debugging. If the output=stdout setting is configured, then the aggregated logs are not sent to Insight.
logsendintervalSet to configure the time interval after which the logs are sent from the Protector to the Log Forwarder.
The default value is 1 second.
Policy managementemptystringDefines the behavior when the data to protect is an empty string.
The default value is null.
The following are the possible values:
  • empty
  • encrypt
  • null (Default)
Caution: Starting from v10.0.x, the emptystring parameter is deprecated.
Member managementcase-sensitiveIf this parameter is set to no, then the PEP Server considers the policy user names that are case insensitive.
If this parameter is set to yes or if it is commented in the file, then the PEP Server considers the policy user names that are case-sensitive. The default value is yes.
Caution: Starting from v10.0.x, the case-sensitive parameter is deprecated.
Last modified : May 15, 2025