CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-01-12 11:11:22 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
2aacd5b9b6cf339052d674595531f515c3842fff
securityonion/salt/filebeat/modules/snyk.yml.disabled
Mike Reeves 0622c77a7f Add filebeat modules
2021-05-04 10:50:13 -04:00

113 lines
3.5 KiB
Plaintext
Raw Blame History

# Module: snyk
# Docs: https://www.elastic.co/guide/en/beats/filebeat/7.x/filebeat-module-snyk.html
- module: snyk
audit:
enabled: true
# Set which input to use between httpjson (default) or file.
#var.input: httpjson
#
# What audit type to collect, can be either "group" or "organization".
#var.audit_type: organization
#
# The ID related to the audit_type. If audit type is group, then this value should be
# the group ID and if it is organization it should be the organization ID to collect from.
#var.audit_id: 1235432-asdfdf-2341234-asdgjhg
# How often the API should be polled, defaults to 1 hour.
#var.interval: 1h
# How far to look back the first time the module starts up. (Only works with full days, 24 hours, 48 hours etc).
#var.first_interval: 24h
# The API token that is created for a specific user, found in the Snyk management dashboard.
#var.api_token:
# Event filtering.
# All configuration items below is OPTIONAL and the default options will be overwritten
# for each entry that is not commented out.
# Will return only logs for this specific project.
#var.project_id: ""
# User public ID. Will fetch only audit logs originated from this user's actions.
#var.user_id: ""
# Will return only logs for this specific event.
#var.event: ""
# User email address. Will fetch only audit logs originated from this user's actions.
#var.email_address: ""
vulnerabilities:
enabled: true
# Set which input to use between httpjson (default) or file.
#var.input: httpjson
# How often the API should be polled. Data from the Snyk API is automatically updated
# once per day, so the default interval is 24 hours.
#var.interval: 24h
# How far to look back the first time the module starts up. (Only works with full days, 24 hours, 48 hours etc).
#var.first_interval: 24h
# The API token that is created for a specific user, found in the Snyk management dashboard.
#var.api_token:
# The list of org IDs to filter the results by.
# One organization ID per line, starting with a - sign
#var.orgs:
# - 12354-asdfdf-123543-asdsdfg
# - 76554-jhggfd-654342-hgrfasd
# Event filtering.
# All configuration items below is OPTIONAL and the default options will be overwritten
# for each entry that is not commented out.
# The severity levels of issues to filter the results by.
#var.included_severity:
# - high
# - medium
# - low
#
# The exploit maturity levels of issues to filter the results by.
#var.exploit_maturity:
# - mature
# - proof-of-concept
# - no-known-exploit
# - no-data
#
# The type of issues to filter the results by.
#var.types:
# - vuln
# - license
#
# The type of languages to filter the results by.
#var.languages:
# - javascript
# - ruby
# - java
# - scala
# - python
# - golang
# - php
# - dotnet
# - swift
# - docker
#
# Search term to filter issue name by, or an exact CVE or CWE.
#var.identifier:
# - ""
#
# If set to true, only include issues which are ignored, if set to false, only include issues which are not ignored.
#var.ignored: false
#var.patched: false
#var.fixable: false
#var.is_fixed: false
#var.is_patchable: false
#var.is_pinnable: false
#
# The priority score ranging between 0-1000
#var.min_priority_score: 0
#var.max_priority_score: 1000
Reference in New Issue View Git Blame Copy Permalink