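---
# ElastAlert defaults for the Salt state. These are the baseline values;
# deployment-specific overrides are presumably layered on top from pillar
# (TODO confirm where `enabled` is switched on per node role).
elastalert:
  # Off by default; nothing under `config` takes effect until this is true.
  enabled: false
  # Keys below map 1:1 onto ElastAlert's own config file (presumably rendered
  # by the state that installs /opt/elastalert).
  config:
    rules_folder: /opt/elastalert/rules/
    scan_subdirectories: true
    # false: a rule that raises an uncaught exception is kept in the schedule
    # rather than disabled (ElastAlert's documented semantics). Errors are then
    # only visible in the log handler configured below, so that log matters.
    disable_rules_on_error: false
    # Query cadence and window: run every 3 minutes, each query looking back
    # 10 minutes, so consecutive windows overlap.
    run_every:
      minutes: 3
    buffer_time:
      minutes: 10
    # On restart, resume from the last recorded query time only if it is newer
    # than this; otherwise start from "now", so events in a longer outage gap
    # are not re-queried (documented ElastAlert behaviour).
    old_query_limit:
      minutes: 5
    # No es_host is set here; presumably supplied by the rendering state —
    # verify before using these defaults standalone.
    es_port: 9200
    es_conn_timeout: 55
    max_query_size: 5000
    eql: true
    # TLS to Elasticsearch is on, but certificate verification is off: the
    # connection is encrypted while the server's identity is never checked.
    # NOTE(review): acceptable only if the Elasticsearch endpoint is local or
    # otherwise trusted — confirm for this deployment.
    use_ssl: true
    verify_certs: false
    # Index that ElastAlert writes its own metadata/status documents to.
    writeback_index: elastalert
    # Alerts that fail to send are retried for up to this long.
    alert_time_limit:
      days: 2
    # Settings for the writeback index above; single-node sizing.
    index_settings:
      shards: 1
      replicas: 0
    # Python logging dictConfig for the ElastAlert process itself.
    logging:
      version: 1
      incremental: false
      disable_existing_loggers: false
      formatters:
        logline:
          format: '%(asctime)s %(levelname)+8s %(name)+20s %(message)s'
      handlers:
        file:
          class: logging.FileHandler
          formatter: logline
          level: INFO
          filename: /var/log/elastalert/elastalert.log
      loggers:
        # Root logger: everything at INFO and above goes to the file handler.
        '':
          level: INFO
          handlers:
            - file
          propagate: false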