-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy path.env
43 lines (35 loc) · 1.18 KB
/
.env
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
# Nethive configuration
LISTEN_IFACE="eth0"
# MySQL Information
MYSQL_USER="maintainer"
MYSQL_PASS="sudooffensive"
MYSQL_HOSTNAME="127.0.0.1"
MYSQL_DB="nethive"
# Log File paths to be monitored
AUDIT_LOG_PATH="/var/log/audit/audit.log"
MYSQL_SLOW_QUERY_LOG_PATH="/var/log/mysql/slow-query.log"
PARSED_SLOW_QUERY_LOG_PATH="/var/log/mysql/slog.log"
SQL_RESPONSE_LOG_PATH="/var/log/mysql/responses.log"
HTTP_LOG_PATH="/var/log/http/inbound.log"
CENTRALIZED_BASH_HISTORY_PATH="/var/log/bash/history.log"
# Auditbeat configuration
AUDITBEAT_PATH="/etc/auditbeat"
AUDITBEAT_CONFIG_PATH="${AUDITBEAT_PATH}/auditbeat.yml"
AUDITBEAT_RULES_PATH="${AUDITBEAT_PATH}/audit.rules.d/auditbeat.rules"
# Filebeat configuration
FILEBEAT_PATH="/etc/filebeat"
FILEBEAT_CONFIG_PATH="${FILEBEAT_PATH}/filebeat.yml"
# Packetbeat configuration
PACKETBEAT_PATH="/etc/packetbeat"
PACKETBEAT_CONFIG_PATH="${PACKETBEAT_PATH}/packetbeat.yml"
# Connection
LOGSTASH_HOST="127.0.0.1"
LOGSTASH_PORT=5000
AUDIT_CONTROL_HOST="127.0.0.1"
AUDIT_CONTROL_PORT="5129"
XSS_WATCHMAN_SOCKET="/tmp/xss_auditor.sock"
# Kafka configuration
KAFKA_TOPIC="NETHIVES"
KAFKA_BOOTSTRAP_SERVER="localhost:9092"
# docker-elk configuration
ELK_VERSION=7.4.1