This repository has been archived by the owner on Sep 14, 2019. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 235
/
mig-agent.cfg.inc
85 lines (64 loc) · 3.04 KB
/
mig-agent.cfg.inc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
; Sample MIG Agent configuration file
[agent]
; connection string to the MIG relay. must contain credentials.
relay = "amqp://guest:guest@localhost:5672/"
; location of the mig api
api = "http://localhost:1664/api/v1/"
; location of the local stat socket
socket = "127.0.0.1:51664"
; frequency at which heartbeat messages are sent to the MIG relay
heartbeatfreq = "300s"
; timeout after which a module that has not finished is killed by the agent
moduletimeout = "300s"
; in immortal mode, the agent that encounter a fatal error
; will attempt to restart itself instead of just shutting down
isimmortal = on
; comma delimited list of host:port proxies to use, if desired
; the agent will attempt to try to proxies for public ip retrieval
; and the relay connection before a direct connection
; proxies = "proxy1:8888,proxy2:8888"
; installservice orders the agent to deploy a service init configuration
; and start itself during the endpoint's boot process
installservice = on
; attempt to retrieve the public IP behind which the agent is running
discoverpublicip = off
; in check-in mode, the agent connects to the relay, runs all pending commands
; and exits. this mode is used to run the agent as a cron job, not a daemon.
checkin = off
; how often should the agent refresh its own environment (for example, to update
; the environment if the system changes ip addresses. leave unset or "" to disable
; periodic environment refresh. on workstations or other devices that may be
; obtaining dhcp leases and moving around, you might want to start with something
; like "5m"
refreshenv = ""
; mask meta-data such as file names in search results from this agent. note that
; honoring this flag is up to the module, and not all modules may consider
; it. the default is off.
; extraprivacymode = off
; if true, persistent modules will not be executed by the agent
; nopersistmods = off
; if true, only the investigator's public key is verified on actions and not ACLs.
onlyVerifyPubKey = false
; Tags can be specified for a given agent at compile-time using the agent built-in
; configuration TAGS value. Additional tags can be included in the configuration file
; here if desired to override or extend the tags the agent has already been compiled
; with.
; tags = "tagname:tagvalue"
[stats]
; number of previous actions the agent should keep a summary for. the summary can
; be viewed over the agent stat socket. 0 to disable.
maxactions = 15
[certs]
ca = "/path/to/ca/cert"
cert= "/path/to/client/cert"
key = "/path/to/private/key"
[logging]
mode = "stdout" ; stdout | file | syslog
level = "debug"
; for file logging
; file = "mig_scheduler.log"
; maxfilesize = 0 ; if > 0, log file will be rotated once it reaches size
; for syslog, logs go into local3
; host = "localhost"
; port = 514
; protocol = "udp"