CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #155 from m0duspwnens/master

Browse Source 
adding api key for Helix
This commit is contained in:
Mike Reeves
2019-12-09 10:01:27 -05:00
committed by GitHub
parent 362cd0487f 599341483e
commit 7cd0b48c4d
1 changed files with 3 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
salt/logstash/files/dynamic/9997_output_helix.conf
View File

@@ -1,10 +1,5 @@
{%- if salt['grains.get']('role') == 'so-master' %} {% set helix_api_key = salt['pillar.get']('fireeye:helix:api_key', '') %}
{% set master = salt['pillar.get']('static:masterip', '') %}
{%- set nodetype = 'master' %}
{%- else %}
{%- set nodetype = salt['pillar.get']('node:node_type', 'storage') %}
{% set master = salt['pillar.get']('static:masterip', '') %}
{%- endif %}
filter { filter {
if "fe_clone" in [type] { if "fe_clone" in [type] {
grok { grok {
@@ -105,7 +100,7 @@ output {
url => "https://helix-integrations.cloud.aws.apps.fireeye.com/api/upload?source=test&format=json" url => "https://helix-integrations.cloud.aws.apps.fireeye.com/api/upload?source=test&format=json"
http_method => post http_method => post
http_compression => true http_compression => true
headers => ["Authorization", "{{ HELIXAPIKEY }}"] headers => ["Authorization", "{{ helix_api_key }}"]
format => json_batch format => json_batch
} }
} }