[feature] Add options to soctopus.conf

Resolves #420
2025-12-06 09:12:45 +01:00 · 2020-03-25 15:38:42 -04:00
parent 693e3e69de
commit ecbd78c6a1
1 changed files with 11 additions and 3 deletions
--- a/salt/soctopus/files/SOCtopus.conf
+++ b/salt/soctopus/files/SOCtopus.conf
@@ -3,7 +3,12 @@
 {%- set CORTEXKEY = salt['pillar.get']('static:cortexorguserkey', '') %}

 [es]
-es_url = http://{{ip}}:9200
+es_url = https://{{ip}}:9200
+es_user = YOURESUSER
+es_pass = YOURESPASS
+es_index_pattern = logstash-*
+es_verifycert = no
+

 [cortex]
 auto_analyze_alerts = no
@@ -20,6 +25,7 @@ fir_confidentiality = 1
 fir_detection = 2
 fir_plan = 8
 fir_severity = 4
+fir_verifycert = no

 [grr]
 grr_url = YOURGRRURL
@@ -30,12 +36,12 @@ grr_pass = YOURGRRPASS
 hive_url = https://{{ip}}/thehive/
 hive_key = {{ HIVEKEY }}
 hive_tlp = 3
-hive_verifycert = False
+hive_verifycert = no

 [misp]
 misp_url = YOURMISPURL
 misp_key = YOURMISPKEY
-misp_verifycert = False
+misp_verifycert = no
 distrib = 0
 threat = 4
 analysis = 0
@@ -47,6 +53,7 @@ rtir_user = YOURRTIRUSER
 rtir_pass = YOURRTIRPASS
 rtir_queue = Incidents
 rtir_creator = root
+rtir_verifycert = no

 [slack]
 slack_url = YOURSLACKWORKSPACE
@@ -55,6 +62,7 @@ slack_webhook = YOURSLACKWEBHOOK
 [playbook]
 playbook_url = https://{{ip}}/playbook
 playbook_key = a4a34538782804adfcb8dfae96262514ad70c37c
+playbook_verifycert = no

 [log]
 logfile = /var/log/SOCtopus/soctopus.log