Update 'url' to use 'es_hosts'

2025-12-17 22:42:51 +01:00 · 2023-05-19 17:14:13 -04:00
parent eb9c5e9af0
commit 00bd93c026
1 changed files with 2 additions and 2 deletions
--- a/salt/elastalert/files/modules/so/playbook-es.py
+++ b/salt/elastalert/files/modules/so/playbook-es.py
@@ -31,8 +31,8 @@ class PlaybookESAlerter(Alerter):
                creds = (self.rule['es_username'], self.rule['es_password'])

            payload = {"rule": { "name": self.rule['play_title'],"case_template": self.rule['play_id'],"uuid": self.rule['play_id'],"category": self.rule['rule.category']},"event":{ "severity": self.rule['event.severity'],"module": self.rule['event.module'],"dataset": self.rule['event.dataset'],"severity_label": self.rule['sigma_level']},"kibana_pivot": self.rule['kibana_pivot'],"soc_pivot": self.rule['soc_pivot'],"play_url": self.rule['play_url'],"sigma_level": self.rule['sigma_level'],"event_data": match, "@timestamp": timestamp}
-            url = f"https://{self.rule['es_host']}:{self.rule['es_port']}/so-playbook-alerts-{today}/_doc/"
+            url = f"{self.rule['es_hosts']}/so-playbook-alerts-{today}/_doc/"
            requests.post(url, data=json.dumps(payload), headers=headers, verify=False, auth=creds)
                            
    def get_info(self):
-        return {'type': 'PlaybookESAlerter'} 
+        return {'type': 'PlaybookESAlerter'}