Merge pull request #74 from weslambert/master

SOCtopus: update config
2025-12-06 17:22:49 +01:00 · 2019-03-25 15:52:38 -04:00
parent b32558b2ac 03e42a009a
commit f38a5bf0ec
1 changed files with 39 additions and 4 deletions
--- a/salt/soctopus/files/SOCtopus.conf
+++ b/salt/soctopus/files/SOCtopus.conf
@@ -1,12 +1,47 @@
 {%- set ip = salt['pillar.get']('static:masterip', '') %}

 [es]
-es_url = http://{{ ip }}:9200
+es_url = http://{{ip}}:9200
+
+[fir]
+fir_url = YOURFIRURL
+fir_token = YOURFIRTOKEN
+fir_actor = 3
+fir_category = 3
+fir_confidentiality = 1
+fir_detection = 2
+fir_plan = 8
+fir_severity = 4
+
+[grr]
+grr_url = YOURGRRURL
+grr_user = YOURGRRUSER
+grr_pass = YOURGRRPASS

 [hive]
-hive_url = http://{{ ip }}:9000
-hive_key = YOURHIVEAPIKEYHERE -- TO LATER BE REPLACED BY JINJA
+hive_url = https://{{ip}}/thehive
+hive_key = YOURHIVEKEY
+tlp = 3
+
+[misp]
+misp_url = YOURMISPURL
+misp_key = YOURMISPKEY
+misp_verifycert = False 
+distrib = 0
+threat = 4
+analysis = 0
+
+[rtir]
+rtir_url = YOURRTIRURL
+rtir_api = REST/1.0/
+rtir_user = YOURRTIRUSER
+rtir_pass = YOURRTIRPASS
+rtir_queue = Incidents
+rtir_creator = root
+
+[slack]
+slack_url = YOURSLACKWORKSPACE
+slack_webhook = YOURSLACKWEBHOOK

 [log]
 logfile = /tmp/soctopus.log
-