Specify a name for the storage target. The name must be alphabetical, numeric, or alphanumeric. The name can include an underscore (_) but cannot include spaces or other special characters.

This name appears as a selection in the user interfaces of the Risk Management Component of the Real-Time Analytics (RTA) Framework that provides interaction search and replay functionality, combined with integration of the Real-Time Analytics (RTA) Framework. and Project Instance of the Speech and Text Analytics application that supports a different language or Line of Business (LOB). Rules Management applications when a user exports interactions from those applications.

This value can be one of the following media types:

• SFTP (Secure File Transfer Protocol)

• SMB (Server Message Block - not available in multi-tenant enabled (cloud) environments)

• Amazon S3

• Azure

• GCS (Google Cloud Storage)

SFTP Media Type Settings

Provide an SFTP host server to which the export connects and where results are delivered. The SFTP host is required.

Use one of the following for the SFTP Host:

• A fully qualified domain name of up to 255 characters for a valid SFTP host.

• An IP address for a valid SFTP host.

Provide the port number on the SFTP Host server used for SFTP connections. A port number is required.

The default port number is 22.

Enter the path on the SFTP Host server to which the export results are uploaded. The path is a part of the full path.

For example, a full path to an SFTP target has the format of sftp://<Host>:<Port>/<Path>.

An example of a full path is sftp://10.123.36.117:22/incoming/interactions. In this example, incoming/interactions is the path.

The following characters are not allowed: space, asterisk (*), ampersand (&), question mark (?), angle brackets (< and >), single quote ('), double quote ("), and pipe (|).

Enter the user name of the account used to log on to the SFTP Host server. A user name of up to 255 characters is allowed.

Enter the password for the account used to log on to the SFTP Host server. A password of up to 255 characters is allowed.

To see the password as you type it, click the eye icon at the right of the password field.

Click the Test icon to verify that the configuration is valid. If an invalid host name is specified, the verification Feature in voice biometrics where the speaker’s voice is compared to a collection of employee or customer voiceprints that should match the call. If a match occurs, the speaker is said to be verified. may take a little time to complete.

Specify the users who are authorized to export interactions to the SFTP storage target. You can specify all organizations or select specific organizations from a list of organizations that are within your user scope.

A Search feature is available above the list of specific organizations to help you find organizations. This search feature supports type-ahead searching (that is, it will display partial matches in the list of organizations as you type in the Search field).

SMB Media Type Settings (not available in multi-tenant enabled (cloud) environments)

Provide an SMB host server to which the export connects and where results are delivered. The SMB host is required.

Use one of the following for the SMB Host:

• A fully qualified domain name of up to 255 characters for a valid SMB host.

• An IP address for a valid SMB host.

Enter the name of the SMB share. The share is a component of the full path to the storage target.

For example, a full path to the SMB target has the format of \\<Host>\<Share>\<Path>

An example of a full path is \\rs-data.lab.local\RS_Data_Vol\incoming\interactions. In this example, RS_Data_Vol is the share.

Enter the path on the SMB server to which the export results are uploaded. The path is a part of the full path.

See the example of a full path for an SMB storage target in the Share description immediately above. In that example, \incoming\interactions is the path.

Enter the user name of the account used to log on to the SMB Host server. A user name of up to 255 characters is allowed.

Enter the password of the account used to log on to the SMB Host server. A password of up to 255 characters is allowed.

To see the password as you type it, click the eye icon at the right of the password field.

To verify that the configuration is valid, click the Test icon. If an invalid host name is specified, the verification may take a little time to complete.

Specify the users who are authorized to export interactions to the SMB storage target. You can specify all organizations or select specific organizations from a list of organizations that are within your user scope.

A Search feature is available above the list of specific organizations to help you find organizations. This search feature supports type-ahead searching (that is, it will display partial matches in the list of organizations as you type in the Search field).

Amazon S3 Media Type Settings

The Amazon S3 bucket (or vault) name. The name is provided at the time that a user requests a new bucket.

Enter the path on the Amazon S3 server to which the export results are uploaded. The path is a part of the full path.

For example, a full path to an Amazon S3 storage target has the format s3://<Bucket name>/<Path>.

An example of a full path is s3://chat/connect/chat-storage/ChatTranscripts. In this example, /connect/chat-storage/ChatTranscripts is the path. The bucket name is chat.

The Authentication Type can be either Access Key ID or Implicit Authentication.

If Implicit Authentication is selected, the system looks for credentials in the following order:

1. Java system properties - aws.accessKeyId and aws.secretAccessKey. The Amazon We Service (AWS) SDK for Java uses the SystemPropertyCredentialsProvider to load these credentials.

2. Environment variables - AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY. The AWS SDK for Java uses the EnvironmentVariableCredentialsProvider class to load these credentials.

3. The default credential profiles file - The specific location of this file can vary per platform Predefined logical group of server roles installed together on a physical server., but is typically located at ~/.aws/credentials. This file is shared by many of the AWS SDKs and by the AWS CLI. The AWS SDK for Java uses the ProfileCredentialProvider to load these credentials.

4. Amazon ECS container credentials - This is loaded from Amazon ECS if the environment variable AWS_CONTAINER_CREDENTIALS_RELATIVE_URI is set. The AWS SDK for Java uses the ContainerCredentialsProvider to load these credentials.

5. Instance profile credentials - This is used on Amazon EC2 instances, and delivered through the Amazon EC2 metadata service. The AWS SDK for Java uses the InstanceProfileCredentialsProvider to load these credentials.

This field appears only when Access Key ID is the selected Authentication Type.

Enter the Access Key of the identity you are using to send the export request.

The Access Key ID is provided by the customer. The Access Key must be exactly 20 characters and can be alphanumeric. All characters must be upper case.

This field appears only when Access Key ID is the selected Authentication Type.

The Secret Access Key is used to calculate the signature of an export request.

The Secret Access Key is provided by the customer. The Secret Access key must be exactly 40 characters.

To see the Secret Access Key as you type it, click the eye icon at the right of the password field.

(Optional) The address of third-party (non-AWS) endpoints that support the S3 protocol. The third-party providers might not support all features, authentication methods, and regions. Consult the documentation of your third-party provider. To use standard Amazon Web Service (AWS) endpoints, leave this field blank.

(Optional) The region of the endpoint that is used to service your requests. When unspecified, the region of the bucket is queried using the AWS_GLOBAL endpoint. For any other upcoming requests, the bucket region is used. When the region is not specified, and the bucket region cannot be obtained due to failure, the system uses the AWS_GLOBAL region for any upcoming requests. AWS_GLOBAL region redirects the requests to the proper region.

For Security Token Service (STS) requests when the region is not specified, the system uses the region us-east-1.

Select this check box to enable AWS role assumption.

(Optional) This field is available only when the Roles check box is selected. In this field, specify the Amazon Resource Name (ARN) of the IAM role used to authenticate access to the media. The role must have a policy attached that enables read, upload, and multipart upload access to the bucket. In addition, the role must have permission to list buckets and access the region of the bucket.

(Optional) This field is available only when the Roles check box is selected. In this field, specify the External ID associated with the role.

To see the External ID as you type it, click the eye icon at the right of the password field.

Click the Test icon to verify that the configuration is valid. If an invalid host name is specified, the verification may take a little time to complete.

Specify the users who are authorized to export interactions to the Amazon S3 storage target. You can specify all organizations or select specific organizations from a list of organizations that are within your user scope.

A Search feature is available above the list of specific organizations to help you find organizations. This search feature supports type-ahead searching (that is, it will display partial matches in the list of organizations as you type in the Search field).

Azure Media Type Settings

Choose either Files or Blob as the Azure storage type.

Azure Blob storage is an object storage solution for the cloud. Blob storage allows you to store vast amounts of unstructured data such as audio, video, images, and more. The unstructured data need not adhere to a specific data model. Objects stored in Blob storage do not necessarily have an extension.

Azure Files storage is a fully-managed SMB-based distributed file system. Azure Files storage offers fully managed file shares in the cloud that are accessible by means of the industry standard SMB protocol.

The Azure storage account name. Storage account names must be between 3 and 24 characters in length and may contain numbers and lower-case letters only.

The Azure storage account name appears in the upper left corner of the Azure administrative software.

This field appears only when Files is selected as the Storage type. Specify the name of the share in the Azure storage account to which the user wants to upload files. A share name must be a valid DNS name.

• Share names must start with a letter or number, and can contain only letters, numbers, and the dash (-) character.

• Every dash (-) character must be immediately preceded and followed by a letter or number. Consecutive dashes are not permitted in share names.

• All letters in a share name must be lower-case.

• Share names must be between 3 through 63 characters long.

This field appears only when Blob is selected as the Storage type. Specify the name of the container in the Azure storage account to which the user wants to upload files.

• Container names must start or end with a letter or number, and can only contain letters, numbers, and the dash (-) character.

• Every dash (-) character must be immediately preceded and followed by a letter or number. Consecutive dashes are not permitted in container names.

• All letters in a container name must be lower-case.

• Container names must be between 3 through 63 characters long.

Enter the path to the folder where the file needs to be retrieved from or uploaded to.

• A path name may be no more than 2,048 characters long. Individual components in the path can be a maximum of 255 characters long.

• A path name is composed of one or more path name components separated by the forward-slash (/) character.

• The depth of sub-directories in the path cannot exceed 250.

• The same name cannot be used for a file and a directory that share the same parent directory. For example, a file and a directory that are each named data cannot exist under the same parent path.

• Directory and file names are case-preserving and case-insensitive.

• In directory and file names in the path, the following characters are not allowed: " \ / : | < > * ?

Select an authentication type of either Shared Key or Shared Access Signature authentication.

Shared Key authentication relies on your account access keys and other parameters to produce an encrypted signature string that is passed on request in the Authorization header. Shared Key authentication can provide access over a specified time interval. See the Microsoft documentation for detailed information about Shared Key authentication.

Shared Access Signatures (SAS) delegate access to a particular resource in your account with specified permissions over a specified time interval. See the Microsoft documentation for detailed information about Shared Access Signatures.

If Shared Key is selected as the authentication type, specify the connection string.

The connection string defines the resource being accessed and its authentication information. The connection string enables the user to connect to Azure files or Blob storage with restricted access.

The connection string is a string with a maximum length of 4096 characters. In the user interface, you can enter the connection string as a plain text unencrypted text string.

In the Azure administration software, the connection string can be generated from the Security + Networking - Shared access signature settings for the storage account.

If Shared Access Signature (SAS) authentication is selected as the authentication type, specify the SAS token.

An SAS token enables the user to connect to Azure files or Blob storage with restricted access. The resources to which the SAS token allows access are chosen when generating the token.

In the user interface, you can enter the SAS token as a plain text unencrypted text string.

In the Azure administration software, the SAS token can be generated from the Security + Networking - Shared access signature settings for the storage account.

Specify the users who are authorized to export interactions to the Azure storage target. You can specify all organizations or select specific organizations from a list of organizations that are within your user scope.

A Search feature is available above the list of specific organizations to help you find organizations. This search feature supports type-ahead searching (that is, it will display partial matches in the list of organizations as you type in the Search field).

GCS (Google Cloud Storage) Media Type Settings

To use Google Cloud Storage, the 2021R1 - GCP Storage Target feature must be enabled on your system.

Enter the GCS bucket name to which interactions are exported. Buckets are the basic GCS containers that hold data. Everything stored in GCS must be contained in a bucket. You can use buckets to organize data and control access to data, but unlike directories and folders, you cannot nest buckets.

• Bucket names can only contain lower-case letters, numeric characters, dashes (-), underscores (_), and dots (.). Spaces are not allowed.

• Bucket names must start and end with a number or letter.

• Bucket must contain from 3 to 63 characters. Names containing dots can contain up to 222 characters, but each dot-separated component can be no longer than 63 characters.

• Bucket names cannot be represented as an IP address in dotted-decimal notation (for example, 192.168.5.4).

• Bucket names cannot contain "google" or the prefix "goog".

Enter the path on the GCS server to which the export results are uploaded. The path value entered here is a part of the full path.

For example, a full path to a GCS storage target has the format gs://<Bucket name>/<Path>.

An example of a full path is gs://archive-export-verint/connect/chat-storage/ChatTranscripts. In this example, /connect/chat-storage/ChatTranscripts is the path. The bucket name is archive-export-verint.

• A path name is composed of one or more path name components separated by the forward slash (/) character.

• A path name can be no more than 2048 characters long. Individual components in a path can be a maximum of 255 characters long.

• The depth of subdirectories in the path cannot exceed 250.

• Directory and file names are case-preserving and case-insensitive.

You can choose between two authentication types: Service account authentication or Implicit authentication.

• Service account authentication - Provides accessing of private data on behalf of a service account outside Google cloud environments. To use this authentication, you must create a Google cloud platform service account and download its private key as a JSON file. A client passes the JSON file to Google Cloud Client Libraries to authenticate at run time.

• Implicit authentication - Provides accessing of private data on behalf of a service account inside Google Cloud environments.

  With this authentication type, when an application runs inside a Google Cloud environment, the application uses the service account provided by the environment. Google Cloud Client Libraries automatically finds and uses the service account credentials by using the GOOGLE_APPLICATION_CREDENTIALS environment variable.

This field is used only when Service account is selected as the authentication type. This private key is a JSON file that is required for service account authentication.

The private key (JSON file) can be created and downloaded from a Google Cloud platform service account.

Select this option if you want to allow a user(s) to authenticate into the system using the Google Cloud Platform service account that is specified in the Target principal field. Typically, the service account that is impersonated (specified in the Target principal field) has greater access to the system than the service accounts associated with individual users.

For example, you can have an account set up that has full access to the system that exists to support impersonation. A user can log in using their own account, and if impersonation is configured for that user, the user is granted full access to the system.

To configure impersonation for a user, the user must have their account specified in the service account that is impersonated. Users whose accounts are not specified in the service account that is impersonated cannot use this feature.

Impersonation is a security feature that allows you to limit high-level access to the system to a few selected users.

This field is used only when the Impersonate option is selected. This field specifies the service account that is impersonated. To specify the service account that is impersonated, enter the email address found in that service account in this field.