diff --git a/salt/soc/files/soc/soc.json b/salt/soc/files/soc/soc.json
index 2531827d1..76f78bf2c 100644
--- a/salt/soc/files/soc/soc.json
+++ b/salt/soc/files/soc/soc.json
@@ -69,7 +69,7 @@
 "index": "{{ ES_INDEX_PATTERNS }}",
 "cacheMs": {{ ES_FIELDCAPS_CACHE }},
 "verifyCert": false,
- "casesEnabled": {{ 'true' if CASEMODULE == 'soc' else 'false' }},
+ "casesEnabled": {{ 'true' if CASE_MODULE == 'soc' else 'false' }},
 "timeoutMs": {{ API_TIMEOUT }}
 },
 "influxdb": {
@@ -87,19 +87,19 @@
 "refreshIntervalMs": 30000,
 "offlineThresholdMs": 900000
 },
-{% if CASEMODULE == 'thehive' and THEHIVEKEY != '' %}
+{% if CASE_MODULE == 'thehive' and THEHIVEKEY != '' %}
 "thehive": {
 "hostUrl": "http://{{ MANAGERIP }}:9000/thehive",
 "key": "{{ THEHIVEKEY }}",
 "verifyCert": false
 },
-{% elif CASEMODULE == 'elasticcases' %}
+{% elif CASE_MODULE == 'elasticcases' %}
 "elasticcases": {
 "hostUrl": "https://{{ MANAGERIP }}:5601",
 "username": "{{ ES_USER }}",
 "password": "{{ ES_PASS }}",
 },
-{% elif CASEMODULE == 'generichttp' %}
+{% elif CASE_MODULE == 'generichttp' %}
 "generichttp": {
 {{ GENERIC_CASE_CONFIG }}
 },
@@ -160,7 +160,7 @@
 "mostRecentlyUsedLimit": 5,
 "ackEnabled": false,
 "escalateEnabled": true,
- "escalateRelatedEventsEnabled": {{ 'true' if CASEMODULE == 'soc' else 'false' }},
+ "escalateRelatedEventsEnabled": {{ 'true' if CASE_MODULE == 'soc' else 'false' }},
 "eventFields": {{ hunt_eventfields | json }},
 "queryBaseFilter": "",
 "queryToggleFilters": [],
@@ -181,7 +181,7 @@
 "mostRecentlyUsedLimit": 5,
 "ackEnabled": true,
 "escalateEnabled": true,
- "escalateRelatedEventsEnabled": {{ 'true' if CASEMODULE == 'soc' else 'false' }},
+ "escalateRelatedEventsEnabled": {{ 'true' if CASE_MODULE == 'soc' else 'false' }},
 "eventFields": {{ alerts_eventfields | json }},
 "queryBaseFilter": "event.dataset:alert",
 "queryToggleFilters": [
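Review bot: Nothing in these hunks shows where `CASE_MODULE` is defined, so the renamed conditions in the `{% if %}`/`{% elif %}` chain of the second hunk, and the `casesEnabled` and `escalateRelatedEventsEnabled` expressions in the other three, depend on a definition that is outside the diff. If the template's lookup or import still provides the old name, a lenient Jinja undefined policy would presumably make every comparison false without an error, rendering `"casesEnabled": false` and omitting the case-module block entirely. It is worth confirming the definition was renamed in the same change and documenting the dependency above the chain, e.g. `{# CASE_MODULE must be defined earlier in this template; an undefined name compares unequal and silently disables case handling #}`. Separately, the context line `"password": "{{ ES_PASS }}",` in the `elasticcases` branch is followed directly by `},`, and that trailing comma would be rejected by a strict JSON parser when that branch renders.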