mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-11 11:42:50 +01:00
38 lines
1.3 KiB
YAML
38 lines
1.3 KiB
YAML
# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
|
|
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
|
|
# https://securityonion.net/license; you may not use this file except in compliance with the
|
|
# Elastic License 2.0.
|
|
|
|
{% from 'vars/globals.map.jinja' import GLOBALS %}
|
|
{% if grains['role'] in ['so-searchnode', 'so-heavynode'] %}
|
|
{%- set elasticsearch = GLOBALS.node_ip -%}
|
|
{% elif grains['role'] in ['so-eval', 'so-managersearch', 'so-standalone', 'so-manager'] %}
|
|
{%- set elasticsearch = GLOBALS.manager_ip -%}
|
|
{%- endif %}
|
|
{%- set ES_USER = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:user', '') %}
|
|
{%- set ES_PASS = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:pass', '') %}
|
|
|
|
---
|
|
# Remember, leave a key empty if there is no value. None will be a string,
|
|
# not a Python "NoneType"
|
|
client:
|
|
hosts:
|
|
- {{elasticsearch}}
|
|
port: 9200
|
|
username: "{{ ES_USER }}"
|
|
password: "{{ ES_PASS }}"
|
|
url_prefix:
|
|
use_ssl: True
|
|
certificate:
|
|
client_cert:
|
|
client_key:
|
|
ssl_no_validate: True
|
|
timeout: 30
|
|
master_only: False
|
|
|
|
logging:
|
|
loglevel: INFO
|
|
logfile: '/var/log/curator/curator.log'
|
|
logformat: default
|
|
blacklist: ['elasticsearch', 'urllib3']
|