merge with dev and resolv conflicts

2026-04-28 07:28:00 +02:00 · 2020-07-10 10:36:48 -04:00
parent b2e7a4221c 2ce254dfb0
commit 1f48dc765e
15 changed files with 102 additions and 14 deletions
@@ -60,7 +60,12 @@ slack_url = YOURSLACKWORKSPACE
 slack_webhook = YOURSLACKWEBHOOK

 [playbook]
+<<<<<<< HEAD
 playbook_url = http://{{MANAGER}}:3200/playbook
+=======
+playbook_url = http://{{MASTER}}:3200/playbook
+playbook_ext_url = https://{{MASTER}}/playbook
+>>>>>>> remotes/origin/dev
 playbook_key = de6639318502476f2fa5aa06f43f51fb389a3d7f
 playbook_verifycert = no
 playbook_unit_test_index = playbook-testing
@@ -1,6 +1,12 @@
+<<<<<<< HEAD
 {% set es = salt['pillar.get']('static:managerip', '') %}
 {% set hivehost = salt['pillar.get']('static:managerip', '') %}
 {% set hivekey = salt['pillar.get']('static:hivekey', '') %}
+=======
+{%- set es = salt['pillar.get']('static:masterip', '') %}
+{%- set hivehost = salt['pillar.get']('static:masterip', '') %}
+{%- set hivekey = salt['pillar.get']('static:hivekey', '') %}
+>>>>>>> remotes/origin/dev
 alert: hivealerter

 hive_connection:
@@ -23,3 +29,15 @@ hive_alert_config:
  status: 'New'
  follow: True
  caseTemplate: '5000'
+
+alert: modules.so.playbook-es.PlaybookESAlerter
+elasticsearch_host: "{{ es }}:9200"
+play_title: ""
+event.module: "playbook"
+event.dataset: "alert"
+event.severity:
+rule.category: 
+play_url: "https://{{ es }}/playbook/issues/6000"
+kibana_pivot: "https://{{es}}/kibana/app/kibana#/discover?_g=()&_a=(columns:!(_source),interval:auto,query:(language:lucene,query:'_id:{[_id]}'),sort:!('@timestamp',desc))"
+soc_pivot: "https://{{es}}/#/hunt"
+sigma_level: ""
@@ -31,3 +31,14 @@ hive_alert_config:
  caseTemplate: '5000'
  
 
+alert: modules.so.playbook-es.PlaybookESAlerter
+elasticsearch_host: "{{ es }}:9200"
+play_title: ""
+event.module: "playbook"
+event.dataset: "alert"
+event.severity:
+rule.category: 
+play_url: "https://{{ es }}/playbook/issues/6000"
+kibana_pivot: "https://{{es}}/kibana/app/kibana#/discover?_g=()&_a=(columns:!(_source),interval:auto,query:(language:lucene,query:'_id:{[_id]}'),sort:!('@timestamp',desc))"
+soc_pivot: "https://{{es}}/#/hunt"
+sigma_level: ""