CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #74 from weslambert/master

Browse Source 
SOCtopus: update config
This commit is contained in:
Mike Reeves
2019-03-25 15:52:38 -04:00
committed by GitHub
parent b32558b2ac 03e42a009a
commit f38a5bf0ec
1 changed files with 39 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
salt/soctopus/files/SOCtopus.conf
View File

@@ -1,12 +1,47 @@
{%- set ip = salt['pillar.get']('static:masterip', '') %} {%- set ip = salt['pillar.get']('static:masterip', '') %}
[es] [es]
es_url = http://{{ ip }}:9200 es_url = http://{{ip}}:9200
[fir]
fir_url = YOURFIRURL
fir_token = YOURFIRTOKEN
fir_actor = 3
fir_category = 3
fir_confidentiality = 1
fir_detection = 2
fir_plan = 8
fir_severity = 4
[grr]
grr_url = YOURGRRURL
grr_user = YOURGRRUSER
grr_pass = YOURGRRPASS
[hive] [hive]
hive_url = http://{{ ip }}:9000 hive_url = https://{{ip}}/thehive
hive_key = YOURHIVEAPIKEYHERE -- TO LATER BE REPLACED BY JINJA hive_key = YOURHIVEKEY
tlp = 3
[misp]
misp_url = YOURMISPURL
misp_key = YOURMISPKEY
misp_verifycert = False
distrib = 0
threat = 4
analysis = 0
[rtir]
rtir_url = YOURRTIRURL
rtir_api = REST/1.0/
rtir_user = YOURRTIRUSER
rtir_pass = YOURRTIRPASS
rtir_queue = Incidents
rtir_creator = root
[slack]
slack_url = YOURSLACKWORKSPACE
slack_webhook = YOURSLACKWEBHOOK
[log] [log]
logfile = /tmp/soctopus.log logfile = /tmp/soctopus.log