securityonion/salt/idh/defaults/defaults.yaml

idh:
  opencanary:
    config:
      device.node_id: {{ grains.host }}
      logger:
        class: PyLogger
        kwargs:
            formatters:
              plain:
                  format: '%(message)s'
            handlers:
              console:
                  class: logging.StreamHandler
                  stream: ext://sys.stdout
              file:
                  class: logging.FileHandler
                  filename: /var/tmp/opencanary.log
      portscan.enabled: false
      portscan.logfile: /var/log/kern.log
      portscan.synrate: 5
      portscan.nmaposrate: 5
      portscan.lorate: 3
      tcpbanner.maxnum: 10
      tcpbanner.enabled: false
      tcpbanner_1.enabled: false
      tcpbanner_1.port: 8001
      tcpbanner_1.datareceivedbanner: ''
      tcpbanner_1.initbanner: ''
      tcpbanner_1.alertstring.enabled: false
      tcpbanner_1.alertstring: ''
      tcpbanner_1.keep_alive.enabled: false
      tcpbanner_1.keep_alive_secret: ''
      tcpbanner_1.keep_alive_probes: 11
      tcpbanner_1.keep_alive_interval: 300
      tcpbanner_1.keep_alive_idle: 300
  openssh:
    enable: true
    config:
      port: 2222