CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update generic.template

Browse Source
This commit is contained in:
Josh Brower
2019-11-13 09:47:04 -05:00
committed by GitHub
parent 94e15ed502
commit 977f39cea7
1 changed files with 3 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
salt/soctopus/files/templates/generic.template
View File

@@ -1,9 +1,6 @@
{% set es = salt['pillar.get']('static:masterip', '') %} {% set es = salt['pillar.get']('static:masterip', '') %}
{% set hivehost = salt['pillar.get']('static:masterip', '') %} {% set hivehost = salt['pillar.get']('static:masterip', '') %}
{% set hivekey = salt['pillar.get']('static:hivekey', '') %} {% set hivekey = salt['pillar.get']('static:hivekey', '') %}
es_host: {{es}}
es_port: 9200
alert: modules.so.thehive.TheHiveAlerter alert: modules.so.thehive.TheHiveAlerter
hive_connection: hive_connection:
@@ -16,11 +13,11 @@ hive_proxies:
hive_alert_config: hive_alert_config:
title: '{rule[name]}' title: '{rule[name]}'
type: 'external' type: 'playbook'
source: 'SecurityOnion' source: 'SecurityOnion'
description: "`Play:` https://{{es}}/playbook/issues/6000 \n\n `Data:` {match[message]}" description: "`Play:` https://{{es}}/playbook/issues/6000 \n\n `View Event:` <https://{{es}}/kibana/app/kibana#/discover?_g=()&_a=(columns:!(_source),interval:auto,query:(language:lucene,query:'_id:{match[_id]}'),sort:!('@timestamp',desc))> \n\n `Raw Data:` {match[message]}"
severity: 2 severity: 2
tags: ['elastalert', 'SecurityOnion'] tags: ['playbook']
tlp: 3 tlp: 3
status: 'New' status: 'New'
follow: True follow: True