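# Handlebars template for an httpjson input that runs an asynchronous asset
# export: POST {{hostname}}/assets/export starts the export, the first chain
# entry polls its status until FINISHED, and the second fetches every chunk.
# {{...}} placeholders are filled in when the policy is rendered; [[...]]
# expressions are left in place for the input to evaluate at request time.
# Nesting below is restored from the input's structure (transform lists under
# request.transforms, per-step settings under each chain entry).
config_version: 2
interval: {{interval}}
{{#if enable_request_tracer}}
# Trace files record the HTTP exchanges made by this input, and every request
# below carries the X-ApiKeys header.
# NOTE(review): confirm whether the tracer redacts that header; until then
# treat the trace files as secrets, restrict access to the log directory, and
# keep tracing off outside of troubleshooting.
request.tracer.filename: "../../logs/httpjson/http-request-trace-*.ndjson"
{{/if}}
{{#if proxy_url}}
# All traffic, including the API-key header, goes through this proxy.
request.proxy_url: {{proxy_url}}
{{/if}}
{{#if ssl}}
# User-supplied TLS settings are passed through as given.
# NOTE(review): a value that relaxes certificate verification would leave the
# API keys readable by an on-path host; check what the package manifest allows.
request.ssl: {{ssl}}
{{/if}}
request.method: POST
# The API keys are sent to whatever base URL `hostname` holds.
# NOTE(review): presumably an https:// URL is expected; confirm the manifest
# default or validation enforces that.
request.url: {{hostname}}/assets/export
{{#if http_client_timeout}}
request.timeout: {{http_client_timeout}}
{{/if}}
# Keep the first response so the chunk step can read export_uuid from it
# (see replace_with in the `step` entry).
response.save_first_response: true
request.transforms:
  # Drop any existing User-Agent before setting the vendor-specific one.
  - delete:
      target: header.User-Agent
  - set:
      # Follow Tenable's format: https://developer.tenable.com/docs/user-agent-header
      # NOTE: The "Build" version must be kept in sync with this package's version.
      target: header.User-Agent
      value: '[[userAgent "Integration/1.0 (Elastic; Tenable.io; Build/2.3.1)"]]'
  - set:
      # Both keys are rendered into the policy in clear text inside this
      # single-quoted scalar. NOTE(review): confirm the manifest declares them
      # as secret variables so they are not shown back in the UI or API.
      target: header.X-ApiKeys
      value: 'accessKey={{access_key}}; secretKey={{secret_key}};'
  - set:
      target: body.chunk_size
      value: {{batch_size}}
      value_type: int
  - set:
      # Incremental filter: use the stored cursor, or on the first run fall
      # back to "now minus initial_interval" as a Unix timestamp.
      target: body.filters.updated_at
      value: '[[.cursor.last_event_ts]]'
      default: '[[(now (parseDuration "-{{initial_interval}}")).Unix]]'
      value_type: int
chain:
  # Poll the export status until the body reports FINISHED.
  # NOTE(review): only "FINISHED" ends the loop; presumably any other terminal
  # status keeps polling until the retry limit below is reached - confirm.
  - while:
      request.url: {{hostname}}/assets/export/$.export_uuid/status
      request.method: GET
      {{#if proxy_url}}
      request.proxy_url: {{proxy_url}}
      {{/if}}
      {{#if ssl}}
      request.ssl: {{ssl}}
      {{/if}}
      {{#if http_client_timeout}}
      request.timeout: {{http_client_timeout}}
      {{/if}}
      replace: $.export_uuid
      until: '[[ eq .last_response.body.status "FINISHED" ]]'
      request.retry.max_attempts: {{retry_max_attempts}}
      request.retry.wait_min: {{retry_wait_min}}
      # Same header set as the initial request; chain entries list their own
      # transforms, so the API-key header is repeated here.
      request.transforms:
        - delete:
            target: header.User-Agent
        - set:
            # Follow Tenable's format: https://developer.tenable.com/docs/user-agent-header
            # NOTE: The "Build" version must be kept in sync with this package's version.
            target: header.User-Agent
            value: '[[userAgent "Integration/1.0 (Elastic; Tenable.io; Build/2.3.1)"]]'
        - set:
            target: header.X-ApiKeys
            value: 'accessKey={{access_key}}; secretKey={{secret_key}};'
  # Fetch one chunk per entry of chunks_available from the status response.
  - step:
      request.url: {{hostname}}/assets/export/$.export_uuid/chunks/$.chunks_available[:]
      request.method: GET
      {{#if proxy_url}}
      request.proxy_url: {{proxy_url}}
      {{/if}}
      {{#if ssl}}
      request.ssl: {{ssl}}
      {{/if}}
      {{#if http_client_timeout}}
      request.timeout: {{http_client_timeout}}
      {{/if}}
      replace: $.chunks_available[:]
      # export_uuid in the URL is taken from the saved first response.
      replace_with: '$.export_uuid,.first_response.body.export_uuid'
      request.transforms:
        - delete:
            target: header.User-Agent
        - set:
            # Follow Tenable's format: https://developer.tenable.com/docs/user-agent-header
            # NOTE: The "Build" version must be kept in sync with this package's version.
            target: header.User-Agent
            value: '[[userAgent "Integration/1.0 (Elastic; Tenable.io; Build/2.3.1)"]]'
        - set:
            target: header.X-ApiKeys
            value: 'accessKey={{access_key}}; secretKey={{secret_key}};'
cursor:
  # The cursor stores the current Unix time, not a timestamp taken from the
  # exported data. NOTE(review): assets updated while an export is running
  # may fall before the next run's filter - confirm this is acceptable.
  last_event_ts:
    value: '[[(now).Unix]]'
tags:
{{#if preserve_original_event}}
  - preserve_original_event
{{/if}}
{{#if preserve_duplicate_custom_fields}}
  - preserve_duplicate_custom_fields
{{/if}}
{{#each tags as |tag|}}
  - {{tag}}
{{/each}}
{{#contains "forwarded" tags}}
# Set only when the user-supplied tags include "forwarded".
publisher_pipeline.disable_host: true
{{/contains}}
{{#if processors}}
# User-supplied processor definitions are inserted as given.
processors:
{{processors}}
{{/if}}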