| # |
| # Licensed to the Apache Software Foundation (ASF) under one or more |
| # contributor license agreements. See the NOTICE file distributed with |
| # this work for additional information regarding copyright ownership. |
| # The ASF licenses this file to You under the Apache License, Version 2.0 |
| # (the "License"); you may not use this file except in compliance with |
| # the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| # |
| --- |
| # the ami for cent6 by region |
| amis_by_region: |
| us-east-1: ami-1c221e76 # US East (N. Virginia) |
| us-west-2: ami-05cf2265 # US West (Oregon) |
| us-west-1: ami-ac5f2fcc # US West (N. California) |
| eu-central-1: ami-2bf11444 # EU (Frankfurt) |
| eu-west-1: ami-edb9069e # EU (Ireland) |
| ap-south-1: ami-9b1c76f4 # Asia Pacific (Mumbai) |
| ap-southeast-1: ami-106aa373 # Asia Pacific (Singapore) |
| ap-southeast-2: ami-87d2f4e4 # Asia Pacific (Sydney) |
| ap-northeast-1: ami-fa3d3f94 # Asia Pacific (Tokyo) |
| ap-northeast-2: ami-56478938 # Asia Pacific (Seoul) |
| sa-east-1: ami-03b93b6f # South America (Sao Paulo) |
| |
| # ec2 |
| env: metron-test |
| region: us-west-2 |
| instance_type: m4.xlarge |
| volume_type: standard |
| key_name: metron-key |
| xvda_vol_size: 50 |
| xvdb_vol_size: 100 |
| xvdc_vol_size: 100 |
| image: "{{ amis_by_region[region] }}" |
| |
| # ambari |
| ambari_host: "{{ groups.ambari_master[0] }}" |
| ambari_port: 8080 |
| ambari_user: admin |
| ambari_password: admin |
| cluster_type: small_cluster |
| |
| # hbase |
| pcap_hbase_table: pcap |
| tracker_hbase_table: access_tracker |
| threatintel_hbase_table: threatintel |
| enrichment_hbase_table: enrichment |
| |
| # kafka |
| num_partitions: 3 |
| retention_in_gb: 25 |
| |
| # metron variables |
| metron_version: 0.6.0 |
| metron_directory: /usr/metron/{{ metron_version }} |
| |
| # sensors |
| install_snort: True |
| install_pycapa: True |
| install_bro: True |
| install_yaf: True |
| install_pcap_replay: True |
| install_tap: True |
| sensor_test_mode: True |
| pcap_replay_interface: tap0 |
| pcap_replay_home: /opt/pcap-replay |
| sniff_interface: tap0 |
| |
| # data directories |
| zookeeper_data_dir: "/data1/hadoop/zookeeper" |
| namenode_checkpoint_dir: "/data1/hadoop/hdfs/namesecondary" |
| namenode_name_dir: "/data1/hadoop/hdfs/namenode" |
| datanode_data_dir: "/data1/hadoop/hdfs/data,/data2/hadoop/hdfs/data" |
| journalnode_edits_dir: "/data1/hadoop/hdfs/journalnode" |
| nodemanager_local_dirs: "/data1/hadoop/yarn/local" |
| timeline_ldb_store_path: "/data1/hadoop/yarn/timeline" |
| timeline_ldb_state_path: "/data1/hadoop/yarn/timeline" |
| nodemanager_log_dirs: "/data1/hadoop/yarn/log" |
| jhs_recovery_store_ldb_path: "/data1/hadoop/mapreduce/jhs" |
| storm_local_dir: "/data1/hadoop/storm" |
| kafka_log_dirs: "/data2/kafka-log" |
| elasticsearch_data_dir: "/data1/elasticsearch,/data2/elasticsearch" |
| |
| # search |
| install_elasticsearch: True |
| install_solr: False |
| elasticsearch_transport_port: 9300 |
| ## The elasticsearch_network_interface must be in the form specified for Elasticsearch, with leading and trailing underscores. |
| elasticsearch_network_interface: _eth0_ |
| elasticsearch_web_port: 9200 |
