This repository has been archived by the owner on Apr 27, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 4
/
threatseer.yml
44 lines (34 loc) · 1.47 KB
/
threatseer.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
#================================ Threatseer ===================================
threatseer:
# Number of pipelines defaults to the number of CPUs available to the server.
# number_of_pipelines: 4
listen_address: 0.0.0.0:8081
profile_building_duration: 30m
# 10,000,000 events consumes less than 10MB of RAM. Don't go lower.
profile_event_filter_cache_size: 10000000
tls_enabled: false
# tls_root_ca_path: /run/secrets/threatseer_CA.crt
# tls_server_cert_path: /run/secrets/threatseer.crt
# tls_server_key_path: /run/secrets/threatseer.key
## use this option (with certs of the same CN) if you cannot rely on a stable
## common name for your agents
# tls_override_common_name: agent
beats_output: true
postgres_output: false
###########################################
# BEATS OUTPUT CONFIGURATION FROM HERE ON #
###########################################
#-------------------------- Elasticsearch output -------------------------------
output.elasticsearch:
# Boolean flag to enable or disable the output module.
enabled: false
hosts: ["localhost:9200"]
#----------------------------- Console output ---------------------------------
output.console:
# Boolean flag to enable or disable the output module.
enabled: true
# Pretty print json event
pretty: true
#############################################################
# see threatseer.full.yml for more outputs and more options #
#############################################################