mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-09 02:32:46 +01:00
14 lines
567 B
Plaintext
14 lines
567 B
Plaintext
{% set ES = salt['pillar.get']('global:managerip', '') %}
|
|
{%- set ES_USER = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:user', '') %}
|
|
{%- set ES_PASS = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:pass', '') %}
|
|
|
|
alert: modules.so.playbook-es.PlaybookESAlerter
|
|
elasticsearch_host: "{{ ES }}:9200"
|
|
{% if salt['pillar.get']('elasticsearch:auth:enabled') is sameas true %}
|
|
elasticsearch_user: "{{ ES_USER }}"
|
|
elasticsearch_pass: "{{ ES_PASS }}"
|
|
{% endif %}
|
|
play_title: ""
|
|
play_url: "https://{{ ES }}/playbook/issues/6000"
|
|
sigma_level: ""
|