package config
// Config names
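// Configuration key names. Each constant is the dotted key under which a
// setting is looked up; the defaults quoted below are the ones stated by the
// original author and are not set in this block.
const (
	// Verbose puts more information in the log. Default is false.
	Verbose = "verbose"
	// Threads is the number of working threads. Default is 10.
	Threads = "threads"

	// AggregatorUpdateWorkers is the number of working threads for the
	// aggregator bulk update. Default is 1.
	AggregatorUpdateWorkers = "aggregator.updater.workers"
	// AggregatorBulkCount is the number of bulk requests for aggregated events
	// before flush is called. Default is 100.
	AggregatorBulkCount = "aggregator.updater.bulk_count"
	// AggregatorBulkFlushInterval is the time interval after which flush is
	// called. Default is 1m.
	AggregatorBulkFlushInterval = "aggregator.updater.flush"
	// AggregatorNormalizedWorkers is the number of working threads for the
	// aggregator bulk update of normalized events. Default is 1.
	AggregatorNormalizedWorkers = "aggregator.normalizer.workers"
	// AggregatorNormalizerBulkCount is the number of bulk requests for
	// normalized events before flush is called. Default is 100.
	AggregatorNormalizerBulkCount = "aggregator.normalizer.bulk_count"
	// AggregatorNormalizedBulkFlushInterval is the time interval after which
	// flush is called. Default is 1m.
	AggregatorNormalizedBulkFlushInterval = "aggregator.normalizer.flush"
	// AggregatorIterationDuration is how often the aggregator queries for the
	// next bunch of normalized events. Default is 30s.
	AggregatorIterationDuration = "aggregator.iteration"
	// AggregatorWindow is the aggregator inspection window size. Default is 30s.
	AggregatorWindow = "aggregator.window"

	// CorrelatorWorkers is the number of working threads for correlator bulk
	// requests. Default is 1.
	CorrelatorWorkers = "correlator.workers"
	// CorrelatorBulkCount is the number of bulk requests for aggregated events
	// before flush is called. Default is 100.
	CorrelatorBulkCount = "correlator.bulk_count"
	// CorrelatorFlushInterval is the time interval after which flush is
	// called. Default is 1m.
	CorrelatorFlushInterval = "correlator.flush"
	// ApiPort is the port for the correlator API. Default is 5566.
	ApiPort = "correlator.api.port"

	// ConsoleUsername is the username for the AMC (console) web interface.
	// No default value.
	ConsoleUsername = "console.auth.username"
	// ConsolePassword is the password for the AMC (console) web interface.
	// No default value.
	// NOTE(review): the value behind this key is a secret; keep it out of log
	// output and debug dumps and restrict read access to wherever it is stored.
	ConsolePassword = "console.auth.password"
	// ConsoleUrlToken is the URL used to obtain an auth token from the web
	// interface. No default value.
	ConsoleUrlToken = "console.url.token"
	// ConsoleUrlIncident is the URL used to create an incident in the web
	// interface. No default value.
	ConsoleUrlIncident = "console.url.incident"
	// ConsoleUrlAsset is the URL used to create an asset in the web interface.
	// No default value.
	ConsoleUrlAsset = "console.url.asset"
	// ConsoleIgnoreSSLErrors, if true, makes all connections to the console
	// ignore SSL errors. Default is true.
	// NOTE(review): with that default, certificate validation is presumably
	// skipped unless the operator sets this to false, so the console
	// credentials and token travel over a channel whose peer is not
	// authenticated. Set it to false wherever the console presents a
	// certificate that can be verified.
	ConsoleIgnoreSSLErrors = "console.ignore_ssl_errors"

	// DebugDumpRequest dumps all network requests/responses. Default is false.
	// NOTE(review): "all" presumably includes the token request and any
	// authenticated calls, so dumps can contain credentials; enable only while
	// troubleshooting and treat the dump directory as sensitive.
	DebugDumpRequest = "debug.dump"
	// DebugDumpPath is the path where debug dumps are stored.
	DebugDumpPath = "debug.path"

	// SyslogTag is the tag for the syslog action. Default is "correlaor"
	// (spelling as given by the original author; possibly a typo for
	// "correlator" - confirm against the code that sets the default).
	SyslogTag = "syslog.tag"

	// LogFileName is where logs are written. Default is "correlator.log".
	LogFileName = "log.filename"
	// LogMaxSize is the max size of the log file before rotation. Default is 100.
	LogMaxSize = "log.max_size"
	// LogMaxBkup is how many old log files are kept. Default is 10.
	LogMaxBkup = "log.max_bkup"
	// LogMaxAge is how long old log files are kept. Default is 10.
	LogMaxAge = "log.max_age"
	// LogCompress controls whether old log files are compressed. Default is true.
	LogCompress = "log.compress"
	// LogLevel is the verbosity of logging. Default is 2. Max is 6 (trace).
	LogLevel = "log.level"
	// LogFormatter is the formatter type. Valid values are "json" and "text".
	// Default is "json".
	LogFormatter = "log.formatter"
	// LogForceColors enables color output for logging when the formatter is
	// "text". Default is false.
	LogForceColors = "log.force_colors"

	// ElasticAggregatedIndexName is the index pattern for the aggregator.
	// Default is aggregated-2006.01.02.
	ElasticAggregatedIndexName = "elastic.aggregated_index"
	// ElasticNormalizedIndexName is the index pattern for the correlator.
	// Default is arma-*. Warning: if changed, the logstash settings need to be
	// changed as well.
	ElasticNormalizedIndexName = "elastic.normalized_index"
	// ElasticUrl is the URL for elasticsearch access. No default value.
	ElasticUrl = "elastic.url"
	// ElasticUsername is the username for elasticsearch access. No default value.
	ElasticUsername = "elastic.username"
	// ElasticPassword is the password for elasticsearch access. No default value.
	// NOTE(review): the value behind this key is a secret; keep it out of log
	// output and debug dumps and restrict read access to wherever it is stored.
	ElasticPassword = "elastic.password"
	// ElasticRetryCount is how many times a connection to elasticsearch is
	// retried. Default is 10.
	ElasticRetryCount = "elastic.retry.count"
	// ElasticConnectionTimeout is how long to wait before the next connection
	// attempt. Default is 20s.
	ElasticConnectionTimeout = "elastic.retry.timeout"
	// ElasticLogQuery logs every elasticsearch query that is issued.
	// Default is false.
	ElasticLogQuery = "elastic.log.query"
	// ElasticLogEncodeQuery encodes the logged elasticsearch query with base64.
	// Default is false. Base64 is an encoding, not protection: anyone who can
	// read the log can decode the query.
	ElasticLogEncodeQuery = "elastic.log.encode_query"
	// ElasticIgnoreSSLErrors, if true, makes the elastic client ignore HTTPS
	// errors. Default is true.
	// NOTE(review): with that default the elasticsearch endpoint is presumably
	// not authenticated by its certificate while ElasticUsername and
	// ElasticPassword are sent to it; set to false where the cluster
	// certificate can be verified.
	ElasticIgnoreSSLErrors = "elastic.ignore_ssl_errors"

	// ActionFirewallRuleIgnoreSSLErrors, if true, makes the firewall rule
	// action ignore SSL errors. Default is true.
	// NOTE(review): this action presumably pushes rule changes to a remote
	// device; skipping certificate validation by default means the receiving
	// endpoint is not verified. Set to false where possible.
	ActionFirewallRuleIgnoreSSLErrors = "actions.firewall_rule.ignore_ssl_errors"

	// AggregatedFields is the list of fields for aggregation.
	AggregatedFields = "events_fields"
	// ScrollSize specifies the number of documents Elasticsearch should return
	// from each shard, per page.
	ScrollSize = "scroll_size"
)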