Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add proxy_url support to threatintel module's malwarebazaar fileset #28533

Merged
merged 3 commits into from
Oct 20, 2021
Merged
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Document all proxy_url options for threat_intel
adriansr committed Oct 19, 2021
commit ac18c23871d456c7740211befcc55065d01926b7
24 changes: 24 additions & 0 deletions filebeat/docs/modules/threatintel.asciidoc
Original file line number Diff line number Diff line change
@@ -64,6 +64,10 @@ The URL of the API endpoint to connect with.

How often the API is polled for updated information.

*`var.proxy_url`*::

Optional URL to use as HTTP proxy.

Abuse.ch URL Threat Intel is mapped to the following ECS fields.

[options="header"]
@@ -104,6 +108,10 @@ The URL of the API endpoint to connect with.

How often the API is polled for updated information.

*`var.proxy_url`*::

Optional URL to use as HTTP proxy.

Abuse.ch Malware Threat Intel is mapped to the following ECS fields.

[options="header"]
@@ -144,6 +152,10 @@ The URL of the API endpoint to connect with.

How often the API is polled for updated information.

*`var.proxy_url`*::

Optional URL to use as HTTP proxy.

Malware Bazaar Threat Intel is mapped to the following ECS fields.

[options="header"]
@@ -234,6 +246,10 @@ from the last response as the filter when retrieving new events.
List of filters to apply when retrieving new events from the MISP server, this
field is optional and defaults to all events.

*`var.proxy_url`*::

Optional URL to use as HTTP proxy.

MISP Threat Intel is mapped to the following ECS fields.

[options="header"]
@@ -310,6 +326,10 @@ possible types to filter on can be found in the
https://cybersecurity.att.com/documentation/usm-appliance/otx/about-otx.htm[AlientVault
OTX documentation].

*`var.proxy_url`*::

Optional URL to use as HTTP proxy.


OTX Threat Intel is mapped to the following ECS fields.

@@ -391,6 +411,10 @@ possible types to filter on can be found on the
https://oasis-open.github.io/cti-documentation/stix/intro.html#stix-21-objects[Stix
2.1 Object types] page.

*`var.proxy_url`*::

Optional URL to use as HTTP proxy.

Anomali Threat Intel is mapped to the following ECS fields.

[options="header"]
24 changes: 24 additions & 0 deletions x-pack/filebeat/module/threatintel/_meta/docs.asciidoc
Original file line number Diff line number Diff line change
@@ -59,6 +59,10 @@ The URL of the API endpoint to connect with.

How often the API is polled for updated information.

*`var.proxy_url`*::

Optional URL to use as HTTP proxy.

Abuse.ch URL Threat Intel is mapped to the following ECS fields.

[options="header"]
@@ -99,6 +103,10 @@ The URL of the API endpoint to connect with.

How often the API is polled for updated information.

*`var.proxy_url`*::

Optional URL to use as HTTP proxy.

Abuse.ch Malware Threat Intel is mapped to the following ECS fields.

[options="header"]
@@ -139,6 +147,10 @@ The URL of the API endpoint to connect with.

How often the API is polled for updated information.

*`var.proxy_url`*::

Optional URL to use as HTTP proxy.

Malware Bazaar Threat Intel is mapped to the following ECS fields.

[options="header"]
@@ -229,6 +241,10 @@ from the last response as the filter when retrieving new events.
List of filters to apply when retrieving new events from the MISP server, this
field is optional and defaults to all events.

*`var.proxy_url`*::

Optional URL to use as HTTP proxy.

MISP Threat Intel is mapped to the following ECS fields.

[options="header"]
@@ -305,6 +321,10 @@ possible types to filter on can be found in the
https://cybersecurity.att.com/documentation/usm-appliance/otx/about-otx.htm[AlientVault
OTX documentation].

*`var.proxy_url`*::

Optional URL to use as HTTP proxy.


OTX Threat Intel is mapped to the following ECS fields.

@@ -386,6 +406,10 @@ possible types to filter on can be found on the
https://oasis-open.github.io/cti-documentation/stix/intro.html#stix-21-objects[Stix
2.1 Object types] page.

*`var.proxy_url`*::

Optional URL to use as HTTP proxy.

Anomali Threat Intel is mapped to the following ECS fields.

[options="header"]