
ELK 7.6.0 is not ready for production; however, it works if APM is enabled (disabled in config, so the image won't build as a precaution). Remove SISSDEN from ewsposter, suricata. Bump suricata to 5.0.1. Alpine now supports suricata incl. enabled JA3 support, so move back to the Alpine install.
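# Elasticsearch node settings for a single-node cluster.
cluster.name: tpotcluster
node.name: "tpotcluster-node-01"

# X-Pack features switched off. With xpack.security.enabled set to false the
# node does no authentication, authorization or TLS of its own, so any client
# that can reach the HTTP port has full read/write access to every index.
xpack.ml.enabled: false
xpack.security.enabled: false
xpack.ilm.enabled: false

# Log and data directories. Both keys must stay nested under `path`; at
# column 0 they would be parsed as unrelated top-level settings.
path:
  logs: /data/elk/log
  data: /data/elk/data

# The HTTP API binds to every interface and accepts cross-origin requests from
# any web origin. With security disabled above, access control has to come
# from outside this file (loopback-only port publishing, a firewall, or an
# authenticating reverse proxy).
# NOTE(review): how the port is exposed is not visible here - confirm it is
# not reachable from untrusted networks or from browsers on them.
http.host: 0.0.0.0
http.cors.enabled: true
http.cors.allow-origin: "*"

# Upper limit on the number of clauses in a single bool query.
indices.query.bool.max_clause_count: 2000

# Master-eligible nodes used to bootstrap the cluster; the entry has to match
# node.name above.
cluster.initial_master_nodes:
  - "tpotcluster-node-01"

# NOTE(review): legacy zen discovery setting name; Elasticsearch 7.x documents
# discovery.seed_hosts as its replacement - confirm before a major upgrade.
discovery.zen.ping.unicast.hosts:
  - localhost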