-
Notifications
You must be signed in to change notification settings - Fork 0
/
config_template.yaml
42 lines (37 loc) · 1.09 KB
/
config_template.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
# ids-tools configureation file
postgres:
db_name: "ids_database_name"
alert_table: "alerts_table_name"
stats_table: "stats_table_name"
user: "username"
password: "nottherealpassword"
host: "10.10.10.1"
port: "5432"
mail:
enabled: True
host: "smtp.smtphost.com"
port: 465
user: "user@email.com"
password: "mailpassword"
alert_user: "send_email_here@email.com"
alert_severity:
- 1
- 2
# Enrichment
# Local area network - These addresses are substituted for the default location
local_range: "192.168."
city_db_path: "GeoLite2-City.mmdb" # Absolute path to database
default_location:
country: "Canada"
city: "Banff"
geohash: "defaulthash" # Search for the correct Geohash of your location
apivoid:
enabled: True
key: "yourapikey"
url:
ip: "https://endpoint.apivoid.com/iprep/v1/pay-as-you-go/?key=%s&ip=%s"
domain: "https://endpoint.apivoid.com/domainbl/v1/pay-as-you-go/?key=%s&host=%s"
poll_frequency: 2 # frequency in seconds for tail
suspect_countries:
- "country1"
- "country2"