Elasticsearch_NAME.json.template
{
"name": "Elasticsearch_XXXX",
"version": "1.0",
"author": "XXXX",
"url": "https://github.com/TheHive-Project/Cortex-Analyzers",
"license": "AGPL-V3",
"description": "Make queries from observables to Elasticsearch",
"dataTypeList": ["XXXX", "XXXX", ...],
"baseConfig": "Elasticsearch",
"config": {
"service": "es-query",
"query": "XXXX"
},
"configurationItems": [
{
"name": "host",
"description": "Elasticsearch Hostname",
"type": "string",
"multi": true,
"required": true,
"defaultValue": "localhost"
},
{
"name": "port",
"description": "Elasticsearch Port",
"type": "number",
"multi": false,
"required": false,
"defaultValue": 9200
},
{
"name": "https",
"description": "Use HTTPS (true) or plain HTTP (false) to talk to the Elasticsearch API",
"type": "boolean",
"multi": false,
"required": false,
"defaultValue": true
},
{
"name": "username",
"description": "Username for authenticating to the Elasticsearch API",
"type": "string",
"multi": false,
"required": false,
"defaultValue": ""
},
{
"name": "password",
"description": "Password for authenticating to the Elasticsearch API",
"type": "string",
"multi": false,
"required": false,
"defaultValue": ""
},
{
"name": "index",
"description": "Elasticsearch Index to query",
"type": "string",
"multi": false,
"required": false,
"defaultValue": "logstash-*"
},
{
"name": "cert_check",
"description": "Verify the server's TLS certificate; when false (the default here), the certificate is not checked",
"type": "boolean",
"multi": false,
"required": true,
"defaultValue": false
},
{
"name": "cert_path",
"description": "Path to the CA on the system used to check server certificate",
"type": "string",
"multi": false,
"required": false
}
],
"command": "Elasticsearch/elasticsearch_analyzer.py"
}