[feature] Add options to soctopus.conf

Resolves #420
William Wernert
2020-03-25 15:38:42 -04:00
parent 693e3e69de
commit ecbd78c6a1


@@ -3,7 +3,12 @@
{%- set CORTEXKEY = salt['pillar.get']('static:cortexorguserkey', '') %} {%- set CORTEXKEY = salt['pillar.get']('static:cortexorguserkey', '') %}
[es] [es]
es_url = http://{{ip}}:9200 es_url = https://{{ip}}:9200
es_user = YOURESUSER
es_pass = YOURESPASS
es_index_pattern = logstash-*
es_verifycert = no
[cortex] [cortex]
auto_analyze_alerts = no auto_analyze_alerts = no
@@ -20,6 +25,7 @@ fir_confidentiality = 1
fir_detection = 2 fir_detection = 2
fir_plan = 8 fir_plan = 8
fir_severity = 4 fir_severity = 4
fir_verifycert = no
[grr] [grr]
grr_url = YOURGRRURL grr_url = YOURGRRURL
@@ -30,12 +36,12 @@ grr_pass = YOURGRRPASS
hive_url = https://{{ip}}/thehive/ hive_url = https://{{ip}}/thehive/
hive_key = {{ HIVEKEY }} hive_key = {{ HIVEKEY }}
hive_tlp = 3 hive_tlp = 3
hive_verifycert = False hive_verifycert = no
[misp] [misp]
misp_url = YOURMISPURL misp_url = YOURMISPURL
misp_key = YOURMISPKEY misp_key = YOURMISPKEY
misp_verifycert = False misp_verifycert = no
distrib = 0 distrib = 0
threat = 4 threat = 4
analysis = 0 analysis = 0
@@ -47,6 +53,7 @@ rtir_user = YOURRTIRUSER
rtir_pass = YOURRTIRPASS rtir_pass = YOURRTIRPASS
rtir_queue = Incidents rtir_queue = Incidents
rtir_creator = root rtir_creator = root
rtir_verifycert = no
[slack] [slack]
slack_url = YOURSLACKWORKSPACE slack_url = YOURSLACKWORKSPACE
@@ -55,6 +62,7 @@ slack_webhook = YOURSLACKWEBHOOK
[playbook] [playbook]
playbook_url = https://{{ip}}/playbook playbook_url = https://{{ip}}/playbook
playbook_key = a4a34538782804adfcb8dfae96262514ad70c37c playbook_key = a4a34538782804adfcb8dfae96262514ad70c37c
playbook_verifycert = no
[log] [log]
logfile = /var/log/SOCtopus/soctopus.log logfile = /var/log/SOCtopus/soctopus.log
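Review bot: Every `*_verifycert` key this commit adds (`es_verifycert`, `fir_verifycert`, `rtir_verifycert`, `playbook_verifycert`) defaults to `no`, so in `[es]` the new `es_user`/`es_pass` would be sent to `https://{{ip}}:9200` without the server certificate being checked, assuming the consumer honours the flag. That leaves the credentials and API keys in this file open to interception by anyone able to impersonate the endpoint, even though the URL is now https. I would default these keys to `yes` where the deployment installs a trusted certificate, or at minimum put a full-line comment above each one, for example `# TLS verification is off; set to yes once a trusted certificate is installed`. Separately, changing `hive_verifycert` and `misp_verifycert` from `False` to `no` is only equivalent if the reader parses the value as a boolean (configparser's `getboolean` accepts both); the consuming code is not shown on this page, so confirm it does not compare against the literal string `False`.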