vautour.yaml
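# Vautour pipeline configuration: module definitions first, then the pipeline
# stages, which refer to those modules by name.
# NOTE(review): the nesting was reconstructed from the module names used by the
# stage sections (redis, pastebin, yara, elasticsearch, mailer) - confirm it
# against the loader before deploying.
vautour:
  modules:
    # queues
    redis:
      driver: redis
      addr: redis:6379
      # Empty password: presumably the client connects without Redis
      # authentication. Keep this only while Redis is reachable solely from
      # the stack's private network; otherwise set a password (kept out of
      # version control) and configure tlsConfig below.
      password: ""
      db: 0
      #network: tcp/unix
      #maxRetries: 3
      #minRetryBackoff: 8ms
      #maxRetryBackoff: 512ms
      #dialTimeout: 5s
      #readTimeout: 3s
      #writeTimeout: 3s
      #poolSize: 10 * CPUs
      #minIdleConns: 10
      #maxConnAge: 0
      #poolTimeout: 4s
      #idleTimeout: 300s
      #idleCheckFrequency: 60s
      #tlsConfig: (see https://golang.org/pkg/crypto/tls/#Config)

    # inputs
    pastebin:
      driver: pastebin
      interval: 15s  # <= 0 to disable the input (scrape only)

    # processors
    yara:
      driver: yara
      # Relative path to the rule index. The rule files decide what gets
      # flagged, so treat them as reviewed, write-protected content.
      # NOTE(review): presumably resolved against the working directory.
      path: config/rules/_index.yar

    # outputs
    elasticsearch:
      driver: elasticsearch
      timeout: 3s
      # Plain http:// and no credential setting is shown here, so results
      # travel unencrypted. Matched paste content can itself be sensitive
      # (e.g. leaked credentials); use an https:// endpoint and restrict
      # network access to the cluster when it is not on a private network.
      url: http://elasticsearch:9200
      #index: vautour
      #shards: 1
      #replicas: 0
      #sniff: false
      #healthcheck: true
      #infolog:
      #errorlog:
      #tracelog:
    mailer:
      driver: mailer
      # NOTE(review): presumably the minimum match score that triggers a
      # mail - confirm against the mailer module.
      minscore: 5
      #recipients: []
      # With every key below commented out, smtp parses as null.
      smtp:
        #host: localhost
        #port: 587
        #username:
        # Keep a real SMTP password out of version control; use a
        # deployment-local copy of this file with restricted permissions.
        #password:
        #fromaddr:
        #fromalias:
        #usecommand: true (true: use mail command; false: use smtp)

  # Pipeline stages: each lists the module(s) defined above that it runs.
  queues:
    module: redis
  inputs:
    modules: [pastebin]
  scrapers:
    modules: [pastebin]
    threads: 2
  processors:
    modules: [yara]
    threads: 2
  outputs:
    modules: [elasticsearch, mailer]
    threads: 2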