# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
# https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0.

{% from 'vars/globals.map.jinja' import GLOBALS %}
{% if grains['role'] in ['so-searchnode', 'so-heavynode'] %}
  {%- set elasticsearch = GLOBALS.node_ip -%}
{% elif grains['role'] in ['so-eval', 'so-managersearch', 'so-standalone', 'so-manager'] %}
  {%- set elasticsearch = GLOBALS.manager_ip -%}
{%- endif %}
{%-   set ES_USER = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:user', '') %}
{%-   set ES_PASS = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:pass', '') %}

---
# Remember, leave a key empty if there is no value.  None will be a string,
# not a Python "NoneType"
client:
  hosts:
    - {{elasticsearch}}
  port: 9200
  username: "{{ ES_USER }}"
  password: "{{ ES_PASS }}"
  url_prefix:
  use_ssl: True
  certificate:
  client_cert:
  client_key:
  ssl_no_validate: True
  timeout: 30
  master_only: False

logging:
  loglevel: INFO
  logfile: '/var/log/curator/curator.log'
  logformat: default
  blacklist: ['elasticsearch', 'urllib3']