# Quix Project Descriptor
# This file describes the data pipeline and configuration of resources of a Quix Project.
# Descriptor metadata.
metadata:
  # Left unquoted as in the original, so a YAML parser reads this as the
  # float 1.0 rather than the string "1.0".
  version: 1.0
# Deployments of the data pipeline. Each entry names an application, the
# version it is pinned to, its resources, and the variables that wire it to
# topics.
deployments:
# Judging by its name, a generator of Zeek HTTP log records. Its only
# variable names the topic it writes to.
- name: Zeek Http log gen
  application: Zeek Http log gen
  deploymentType: Service
  # 40-hex identifier (looks like a full commit SHA), quoted so it is always
  # read as a string.
  version: '20fb03479ac44813f938d4146a4ac4223fadab26'
  resources:
    cpu: 200
    memory: 500
    replicas: 1
  desiredStatus: Running
  variables:
  - name: Topic
    inputType: OutputTopic
    description: Name of the output topic to write into
    required: true
    value: zeek-http-logs
# Detection service for the Zeek HTTP stream: reads `zeek-http-logs` and
# writes to `alerts`.
# NOTE(review): the three Siem-detection deployments in this file each pin a
# different version of the same application, so detection logic may differ
# per log source. Confirm that is intended.
- name: Zeek Http Siem Detection
  application: Siem-detection
  deploymentType: Service
  # 40-hex identifier (looks like a full commit SHA), quoted so it is always
  # read as a string.
  version: '99549ffadb169100278f3aa663ee5ee1e374912c'
  resources:
    cpu: 200
    memory: 500
    replicas: 1
  desiredStatus: Running
  variables:
  - name: log_data
    inputType: InputTopic
    description: This is the input topic for log data
    required: true
    value: zeek-http-logs
  - name: alerts
    inputType: OutputTopic
    description: This is the output topic for siem alerts
    required: true
    value: alerts
  # Free-text, optional setting. Presumably tells the application which log
  # family it is handling; verify against the application.
  - name: log_info
    inputType: FreeText
    description: Consumes zeek logs
    required: false
    value: zeek
# Judging by its name, a generator of Linux authentication log records. Its
# only variable names the topic it writes to.
- name: Authentication log gen
  application: Authentication log gen
  deploymentType: Service
  # 40-hex identifier (looks like a full commit SHA), quoted so it is always
  # read as a string.
  version: 'e07b4aa745f27cadb9fdbdf87b35b9a917a44ecf'
  resources:
    cpu: 200
    memory: 500
    replicas: 1
  desiredStatus: Running
  variables:
  - name: Topic
    inputType: OutputTopic
    description: Name of the output topic to write into
    required: true
    value: authentication-linux-logs
# Detection service for the Linux authentication stream: reads
# `authentication-linux-logs` and writes to `alerts`, the same output topic
# the other two Siem-detection deployments use.
- name: Auth Linux Siem Detection
  application: Siem-detection
  deploymentType: Service
  # 40-hex identifier (looks like a full commit SHA), quoted so it is always
  # read as a string. It differs from the version pinned by the other
  # Siem-detection deployments in this file.
  version: '927a2e366d82b3691bfa865f6b3e48a1c83ba41d'
  resources:
    cpu: 200
    memory: 500
    replicas: 1
  desiredStatus: Running
  variables:
  - name: log_data
    inputType: InputTopic
    description: This is the input topic for log data
    required: true
    value: authentication-linux-logs
  - name: alerts
    inputType: OutputTopic
    description: This is the output topic for siem alerts
    required: true
    value: alerts
  # NOTE(review): the description says "zeek" but the value selects
  # `authentication-linux`. The text looks copied from the Zeek deployments.
  # Confirm the value is the one the application expects.
  - name: log_info
    inputType: FreeText
    description: Consumes zeek logs
    required: false
    value: authentication-linux
# Judging by its name, a generator of firewall log records. Its only variable
# names the topic it writes to.
- name: Firewall log gen
  application: Firewall log gen
  deploymentType: Service
  # 40-hex identifier (looks like a full commit SHA), quoted so it is always
  # read as a string.
  version: '4abf5ceadc7b9877ba0f55616c05a859d7ae1d40'
  resources:
    cpu: 200
    memory: 500
    replicas: 1
  desiredStatus: Running
  variables:
  - name: Topic
    inputType: OutputTopic
    description: Name of the output topic to write into
    required: true
    value: zeek-firewall-logs
# Detection service for the firewall stream: reads `zeek-firewall-logs` and
# writes to `alerts`, the same output topic the other two Siem-detection
# deployments use.
- name: Zeek Firewall Siem Detection
  application: Siem-detection
  deploymentType: Service
  # 40-hex identifier (looks like a full commit SHA), quoted so it is always
  # read as a string. It differs from the version pinned by the other
  # Siem-detection deployments in this file.
  version: 'd1d8cedccfd07352abc7f9377594deb4c4e4e3a5'
  resources:
    cpu: 200
    memory: 500
    replicas: 1
  desiredStatus: Running
  variables:
  - name: log_data
    inputType: InputTopic
    description: This is the input topic for log data
    required: true
    value: zeek-firewall-logs
  - name: alerts
    inputType: OutputTopic
    description: This is the output topic for siem alerts
    required: true
    value: alerts
  # Free-text, optional setting. It carries the same `zeek` value as the
  # Zeek HTTP detection deployment.
  - name: log_info
    inputType: FreeText
    description: Consumes zeek logs
    required: false
    value: zeek
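# Front-end service. It is the only deployment in this file with publicAccess
# enabled, so it is the pipeline's externally reachable surface.
- name: UI
  application: UI
  deploymentType: Service
  # 40-hex identifier (looks like a full commit SHA), quoted so it is always
  # read as a string.
  version: '48f72687ee163ed11a69512d8acbaf3659b1aa96'
  resources:
    cpu: 200
    memory: 500
    replicas: 1
  # The service is published under this URL prefix. Whatever the UI serves or
  # accepts should be treated as exposed to untrusted clients.
  publicAccess:
    enabled: true
    urlPrefix: ui-387fb49
  desiredStatus: Running
  variables:
  # NOTE(review): the Siem-detection deployments in this file write to
  # `alerts`, and no deployment here writes to `alert_events`. Confirm a
  # producer exists, otherwise detections never reach this UI.
  - name: input
    inputType: InputTopic
    description: The topic to read from
    required: true
    value: alert_events
  # Credential handed to the UI. As a FreeText variable it is stored and shown
  # like any other variable value. Prefer a secret-backed variable if the
  # platform offers one, and keep the token narrowly scoped.
  # NOTE(review): because the UI is public, check that the token stays
  # server-side and is not delivered to browsers.
  - name: bearer_token
    inputType: FreeText
    description: ''
    required: false
    # Quoted: a bare {{ ... }} is read by a YAML parser as a flow mapping, and
    # an empty expansion would become null instead of an empty string.
    value: "{{ pat_token }}"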
# Topics of the data pipeline. Every topic is declared with persisted: false,
# one partition, replication factor 2 and a 52428800-byte (50 MiB) size cap.
# NOTE(review): with persistence off and these retention limits, log and alert
# records presumably age out of the topic. If the topics are the only copy,
# records needed for a later investigation will be gone. Confirm where
# long-term evidence is kept.
topics:
# Read by the UI deployment (variable `input`).
# NOTE(review): no deployment in this file writes to this topic.
- name: alert_events
  persisted: false
  configuration:
    partitions: 1
    replicationFactor: 2
    retentionInMinutes: 1440  # 24 hours
    retentionInBytes: 52428800
# Written by "Zeek Http log gen", read by "Zeek Http Siem Detection".
- name: zeek-http-logs
  persisted: false
  configuration:
    partitions: 1
    replicationFactor: 2
    retentionInMinutes: 1440  # 24 hours
    retentionInBytes: 52428800
# Written by "Firewall log gen", read by "Zeek Firewall Siem Detection".
- name: zeek-firewall-logs
  persisted: false
  configuration:
    partitions: 1
    replicationFactor: 2
    retentionInMinutes: 1440  # 24 hours
    retentionInBytes: 52428800
# Written by "Authentication log gen", read by "Auth Linux Siem Detection".
- name: authentication-linux-logs
  persisted: false
  configuration:
    partitions: 1
    replicationFactor: 2
    retentionInMinutes: 1440  # 24 hours
    retentionInBytes: 52428800
# Shared output topic of all three Siem-detection deployments. No deployment
# in this file reads from it.
- name: alerts
  persisted: false
  configuration:
    partitions: 1
    replicationFactor: 2
    retentionInMinutes: 1440  # 24 hours
    retentionInBytes: 52428800
# NOTE(review): no deployment variable in this file references this topic.
- name: sigma-rules
  persisted: false
  configuration:
    partitions: 1
    replicationFactor: 2
    retentionInMinutes: 14400  # 10 days, ten times the other topics
    retentionInBytes: 52428800