mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-06 09:12:45 +01:00
41 lines
1.3 KiB
YAML
41 lines
1.3 KiB
YAML
# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
|
|
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
|
|
# https://securityonion.net/license; you may not use this file except in compliance with the
|
|
# Elastic License 2.0.
|
|
|
|
{% from 'vars/globals.map.jinja' import GLOBALS %}
|
|
{% if GLOBALS.role in ['so-searchnode', 'so-heavynode'] %}
|
|
{%- set elasticsearch = GLOBALS.node_ip -%}
|
|
{% elif GLOBALS.role in ['so-eval', 'so-managersearch', 'so-standalone', 'so-manager'] %}
|
|
{%- set elasticsearch = GLOBALS.manager_ip -%}
|
|
{%- endif %}
|
|
{%- set ES_USER = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:user', '') %}
|
|
{%- set ES_PASS = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:pass', '') %}
|
|
|
|
---
|
|
# Remember, leave a key empty if there is no value. None will be a string,
|
|
# not a Python "NoneType"
|
|
elasticsearch:
|
|
client:
|
|
hosts:
|
|
- https://{{elasticsearch}}:9200
|
|
cloud_id:
|
|
ca_certs:
|
|
client_cert:
|
|
client_key:
|
|
verify_certs: False
|
|
request_timeout: 30
|
|
other_settings:
|
|
api_key:
|
|
id:
|
|
api_key:
|
|
master_only: False
|
|
username: "{{ ES_USER }}"
|
|
password: "{{ ES_PASS }}"
|
|
|
|
logging:
|
|
loglevel: INFO
|
|
logfile: '/var/log/curator/curator.log'
|
|
logformat: default
|
|
blacklist: ['elasticsearch', 'urllib3']
|