Skip to content
Permalink
Branch: master
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
164 lines (131 sloc) 6.52 KB
---
###############################################################################
# :::==== :::==== :::===== ::: === :::= === :::=== :::======= #
# ::: === ::: === ::: ::: === :::===== ::: ::: === === #
# ======= === === === ====== ======== ===== === === === #
# === === === === === === === === ==== === === === #
# === === ====== ======= === === === === ====== === === #
###############################################################################
# This configuration file contains all the installation variables that
# affect the deployment of RockNSM. Take care when modifying these options.
# The defaults should be used unless you really know what you are doing!
###############################################################################
# Network Interface Configuration
###############################################################################
# The "rock_monifs:" listed below are the interfaces that were not detected
# as having an active IP address. Upon running the deploy script, these
# interfaces will be configured for monitoring (listening) operations.
# NOTE: management interfaces should *not* be listed here:
rock_monifs:
{% for item in rock_monifs %}
- {{ item }}
{% endfor %}
###############################################################################
# Sensor Resource Configuration
###############################################################################
# Set hostname and fqdn in inventory file
# Set the number of CPUs assigned to Bro:
bro_cpu: {{ bro_cpu }}
# Set the Elasticsearch cluster name:
es_cluster_name: {{ es_cluster_name }}
# Set the Elasticsearch cluster node name:
es_node_name: {{ es_node_name }}
# Set the value of Elasticsearch memory:
es_mem: {{ es_mem }}
###############################################################################
# Installation Source Configuration
###############################################################################
# The primary installation variable defines the ROCK installation method:
# ONLINE: used if the system may reach out to the internet
# OFFLINE: used if the system may *NOT* reach out to the internet
# The default value "False" will deploy using OFFLINE (local) repos.
# A value of "True" will perform an install using ONLINE mirrors.
rock_online_install: {{ rock_online_install }}
# If the above "rock_online_install:" variable is set to "True" see the
# following (ONLINE) installation options:
# (ONLINE) Enable RockNSM testing repos:
rock_enable_testing: {{ rock_enable_testing }}
# (ONLINE) Set the URL for the EPEL repo mirror:
epel_baseurl: {{ epel_baseurl }}
# (ONLINE) Set the URL for the EPEL GPG key:
epel_gpgurl: {{ epel_gpgurl }}
# (ONLINE) Set the URL for the Elastic repo mirror:
elastic_baseurl: {{ elastic_baseurl }}
# (ONLINE) Set the URL for the Elastic GPG key:
elastic_gpgurl: {{ elastic_gpgurl }}
# (ONLINE) Set the URL for the RockNSM repo mirror:
rocknsm_baseurl: {{ rocknsm_baseurl }}
# (ONLINE) Set the URL for the RockNSM GPG key:
rocknsm_gpgurl: {{ rocknsm_gpgurl }}
# If the above "rock_online_install:" variable is set to "False" see the
# following (OFFLINE) installation options:
# (OFFLINE) Disable the creation of a local repo file:
rock_disable_offline_repo: {{ rock_disable_offline_repo }}
# (OFFLINE) Set the path for local repo if doing an OFFLINE installation:
rocknsm_local_baseurl: {{ rocknsm_local_baseurl }}
# (OFFLINE) Set to enable or disable GPG checking for local repos:
# 1 = enabled
# 0 = disabled
rock_offline_gpgcheck: {{ rock_offline_gpgcheck }}
# (OFFLINE) the git repo used to checkout customized ROCK scripts for Bro:
bro_rockscripts_repo: {{ bro_rockscripts_repo }}
###############################################################################
# Data Retention Configuration
###############################################################################
# Set the interval in which Elasticsearch indexes are closed:
elastic_close_interval: {{ elastic_close_interval }}
# Set the interval in which Elasticsearch indexes are deleted:
elastic_delete_interval: {{ elastic_delete_interval }}
# Set value for Kafka retention (in hours):
kafka_retention: {{ kafka_retention }}
# Set value for Bro log retention (in days):
bro_log_retention: {{ bro_log_retention }}
# Set value for Bro statistics log retention (in days):
bro_stats_retention: {{ bro_stats_retention }}
# Set how often logrotate will roll Suricata log (in days):
suricata_retention: {{ suricata_retention }}
# Set value for FSF log retention (in days):
fsf_retention: {{ fsf_retention }}
###############################################################################
# ROCK Component Options
###############################################################################
# The following "with_" statements define what components of RockNSM are
# installed when running the deploy script:
with_stenographer: {{ with_stenographer }}
with_docket: {{ with_docket }}
with_bro: {{ with_bro }}
with_suricata: {{ with_suricata }}
with_snort: {{ with_snort }}
with_suricata_update: {{ with_suricata_update }}
with_logstash: {{ with_logstash }}
with_elasticsearch: {{ with_elasticsearch }}
with_kibana: {{ with_kibana }}
with_zookeeper: {{ with_zookeeper }}
with_kafka: {{ with_kafka }}
with_lighttpd: {{ with_lighttpd }}
with_fsf: {{ with_fsf }}
# The following "enable_" statements define what RockNSM component services
# are enabled (start automatically on system boot):
enable_stenographer: {{ enable_stenographer }}
enable_docket: {{ enable_docket }}
enable_bro: {{ enable_bro }}
enable_suricata: {{ enable_suricata }}
enable_snort: {{ enable_snort }}
enable_suricata_update: {{ enable_suricata_update }}
enable_logstash: {{ enable_logstash }}
enable_elasticsearch: {{ enable_elasticsearch }}
enable_kibana: {{ enable_kibana }}
enable_zookeeper: {{ enable_zookeeper }}
enable_kafka: {{ enable_kafka }}
enable_lighttpd: {{ enable_lighttpd }}
enable_fsf: {{ enable_fsf }}
enable_filebeat: {{ enable_filebeat }}
###############################################################################
# NEXT STEP: Deployment
###############################################################################
# Once the settings in this config file have been finalized, the next step is
# to run the "deploy_rock" script located at:
#
# /opt/rocknsm/rock/bin/deploy_rock.sh
#
# For more information refer to the full documentation at: https://rocknsm.io
You can’t perform that action at this time.