mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2026-01-12 19:21:23 +01:00
47 lines
1.2 KiB
Plaintext
47 lines
1.2 KiB
Plaintext
# Module: sophos
|
|
# Docs: https://www.elastic.co/guide/en/beats/filebeat/7.x/filebeat-module-sophos.html
|
|
|
|
- module: sophos
|
|
xg:
|
|
enabled: true
|
|
|
|
# Set which input to use between tcp, udp (default) or file.
|
|
#var.input: udp
|
|
|
|
# The interface to listen to syslog traffic. Defaults to
|
|
# localhost. Set to 0.0.0.0 to bind to all available interfaces.
|
|
#var.syslog_host: localhost
|
|
|
|
# The port to listen for syslog traffic. Defaults to 9004.
|
|
#var.syslog_port: 9005
|
|
|
|
# firewall default hostname
|
|
#var.default_host_name: firewall.localgroup.local
|
|
|
|
# known firewalls
|
|
#var.known_devices:
|
|
#- serial_number: "1234567890123457"
|
|
# hostname: "a.host.local"
|
|
#- serial_number: "1234234590678557"
|
|
# hostname: "b.host.local"
|
|
|
|
|
|
utm:
|
|
enabled: true
|
|
|
|
# Set which input to use between udp (default), tcp or file.
|
|
# var.input: udp
|
|
# var.syslog_host: localhost
|
|
# var.syslog_port: 9533
|
|
|
|
# Set paths for the log files when file input is used.
|
|
# var.paths:
|
|
|
|
# Toggle output of non-ECS fields (default true).
|
|
# var.rsa_fields: true
|
|
|
|
# Set custom timezone offset.
|
|
# "local" (default) for system timezone.
|
|
# "+02:00" for GMT+02:00
|
|
# var.tz_offset: local
|