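# Kibana server settings: listener address, request size limit and the
# Elasticsearch endpoint. One setting per line; in the flattened copy every
# active setting on this line sat behind the leading '#' and was read as
# comment text.

# Kibana is served by a back end server. This setting specifies the port to use.
#server.port: 5601

# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
# NOTE(review): "ubuntu" is a non-loopback name, so the listener is reachable
# from the network; limit which networks can reach the port (firewall or
# reverse proxy) in addition to the TLS and access-control settings.
server.host: "ubuntu"

# Enables you to specify a path to mount Kibana at if you are running behind a proxy. This only affects
# the URLs generated by Kibana, your proxy is expected to remove the basePath value before forwarding requests
# to Kibana. This setting cannot end in a slash.
#server.basePath: ""

# The maximum payload size in bytes for incoming server requests.
# NOTE(review): 30048576 is about 28.7 MiB, well above Kibana's documented
# default of 1048576. Every request may carry a body of this size, so confirm
# the limit is intentional and as small as the workload allows.
server.maxPayloadBytes: 30048576

# The Kibana server's name. This is used for display purposes.
#server.name: "your-hostname"

# The URL of the Elasticsearch instance to use for all your queries.
# The https scheme keeps the Kibana-to-Elasticsearch hop encrypted.
elasticsearch.url: "https://ubuntu:9200"

# When this setting's value is true Kibana uses the hostname specified in the server.host
# setting. When the value of this setting is false, Kibana uses the hostname of the host
# that connects to this Kibana instance.
#elasticsearch.preserveHost: true

# Kibana uses an index in Elasticsearch to store saved searches, visualizations and
# dashboards. Kibana creates a new index if the index doesn't already exist.
#kibana.index: ".kibana"

# The default application to load.
kibana.defaultAppId: "dashboard"

# If your Elasticsearch is protected with basic authentication, these settings provide
# the username and password that the Kibana server uses to perform maintenance on the Kibana
# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which
# is proxied through the Kibana server.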
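# Credentials and TLS settings for the Kibana server and its connection to
# Elasticsearch, followed by timeout and header options. One setting per line;
# in the flattened copy every active setting on this line sat behind the
# leading '#' and was read as comment text.

#elasticsearch.username: "user"
#elasticsearch.password: "pass"
# NOTE(review): admin/admin is a guessable, default-style credential stored in
# plaintext. Use a dedicated account limited to what the Kibana server needs,
# give it a long random password, keep this file readable only by the service
# user, and rotate the password if this file has been shared or committed.
elasticsearch.username: "admin"
elasticsearch.password: "admin"

# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.
# These settings enable SSL for outgoing requests from the Kibana server to the browser.
#server.ssl.enabled: false
#server.ssl.certificate: /path/to/your/server.crt
#server.ssl.key: /path/to/your/server.key
server.ssl.enabled: true
server.ssl.certificate: /opt/siren/config/certs/siren.crt
# The private key should be readable only by the account that runs the server.
server.ssl.key: /opt/siren/config/certs/siren.key
# CA used to verify the certificate presented by Elasticsearch.
elasticsearch.ssl.certificateAuthorities: [ "/opt/siren/config/certs/root-ca.pem" ]

# Optional settings that provide the paths to the PEM-format SSL certificate and key files.
# These files validate that your Elasticsearch backend uses the same key files.
#elasticsearch.ssl.certificate: /path/to/your/client.crt
#elasticsearch.ssl.key: /path/to/your/client.key

# Optional setting that enables you to specify a path to the PEM file for the certificate
# authority for your Elasticsearch instance.
#elasticsearch.ssl.certificateAuthorities: [ "/path/to/your/CA.pem" ]

# To disregard the validity of SSL certificates, change this setting's value to 'none'.
# Leave this commented out: 'none' disables certificate verification, so the
# Elasticsearch credentials above could be sent to a server that is not the
# intended one.
#elasticsearch.ssl.verificationMode: none

# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of
# the elasticsearch.requestTimeout setting.
#elasticsearch.pingTimeout: 1500

# Time in milliseconds to wait for responses from the back end or Elasticsearch. This value
# must be a positive integer.
#elasticsearch.requestTimeout: 30000

# List of Kibana client-side headers to send to Elasticsearch. To send *no* client-side
# headers, set this value to [] (an empty list).
#elasticsearch.requestHeadersWhitelist: [ authorization ]

# Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten
# by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration.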
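# Remaining Elasticsearch options, logging, and the Siren Investigate plugin
# sections (core, access control, alerting). One setting per line.
# NOTE(review): the nesting of the plugin sections below was reconstructed from
# a copy whose line breaks and indentation were lost; confirm it against the
# deployed file.

#elasticsearch.customHeaders: {}

# Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable.
#elasticsearch.shardTimeout: 0

# Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying.
#elasticsearch.startupTimeout: 5000

# Specifies the path where Kibana creates the process ID file.
#pid.file: /var/run/kibana.pid

# Enables you to specify a file where Kibana stores log output.
#logging.dest: stdout
logging.dest: /opt/siren/logs/log.txt

# Set the value of this setting to true to suppress all logging output.
#logging.silent: false

# Set the value of this setting to true to suppress all logging output other than error messages.
logging.quiet: false

# Set the value of this setting to true to log all events, including system usage information
# and all requests.
# NOTE(review): verbose mode records every request in the file above. Keep that
# file readable only by the service user and rotate it; switch this off once
# debugging is finished.
logging.verbose: true

# Set the interval in milliseconds to sample system and process performance
# metrics. Minimum is 100ms. Defaults to 5000.
#ops.interval: 5000

# Kibi default configuration
investigate_core:
  load_jdbc: false
  datasource_encryption_algorithm: 'AES-GCM'
  # NOTE(review): this key sits in the file in plaintext; anyone who can read
  # the file can presumably decrypt the protected datasource parameters.
  # Generate a unique key per deployment and replace it if this file has been
  # shared or committed.
  datasource_encryption_key: 'iSxvZRYisyUW33FreTBSyJJ34KpEquWznUPDvn+ka14='
  datasource_cache_size: 501
  elasticsearch:
    auth_plugin: searchguard

  # Gremlin server configuration
  gremlin_server:
    # change the scheme to https after enabling SSL for Gremlin
    url: https://ubuntu:8061
    path: gremlin_server/gremlin-server.jar
    # log_conf_path: gremlin_server/gremlin-server-log.properties
    ssl:
      key_store: "/opt/siren/config/certs/CN=ubuntu-keystore.jks"
      # NOTE(review): plaintext keystore password; restrict read access to this
      # file and to the keystore, and change it if the file has been shared.
      key_store_password: "120539bc682a99d6810e"
      ca: "/opt/siren/config/certs/root-ca.pem"

investigate_access_control:
  enabled: true
  acl:
    enabled: true
  cookie:
    # Was 'false'. The server is configured with server.ssl.enabled: true, so
    # the session cookie should carry the Secure attribute and never be sent
    # over plain HTTP.
    secure: true
    # NOTE(review): this value is a repeating digit pattern and is trivially
    # guessable; presumably it protects the session cookie, so replace it with
    # a randomly generated 32-character string.
    password: '12345678123456781234567812345678'
  admin_role: investigate_admin
  sirenalert:
    elasticsearch:
      # NOTE(review): same guessable admin/admin pair as elasticsearch.username
      # and elasticsearch.password. Give alerting its own account with only the
      # privileges it needs.
      username: admin
      password: admin
  backends:
    searchguard:
      admin.ssl.cert: /opt/siren/config/certs/CN=sgadmin.crtfull.pem
      admin.ssl.key: /opt/siren/config/certs/CN=sgadmin.key.pem
      # NOTE(review): plaintext passphrase for the Search Guard admin key. That
      # key grants administrative access to the security backend, so keep both
      # the key and this file readable only by the service user.
      admin.ssl.keyPassphrase: "0b469c7b805294f9a85c"

# Sentinl configuration
sentinl:
  app_name: 'Siren Alert'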