forked from aquasecurity/postee
cfg.yaml
---
# Settings shared by every plugin entry in this file.
- type: common
  # Base URL of the Aqua Server, used when building links
  # (e.g. https://myserver.aquasec.com).
  AquaServer:
  # Upper bound on the database size, in MB. Leave empty for no limit.
  Max_DB_Size: 1000
  # Delete stored data older than this many days. Leave empty to keep it all.
  Delete_Old_Data: 10
  # Hours between database checks. Default: 1 hour.
  DbVerifyInterval: 1
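# Jira integration: opens tickets for scans that match the Policy-* keys.
- name: my-jira  # name must be unique
  # Types used in this file: jira, email, slack, teams, webhook, splunk,
  # serviceNow.
  type: jira
  enable: true
  # Mandatory. Jira base URL, e.g. "https://johndoe.atlassian.net".
  url:
  # Mandatory. Jira account, e.g. "johndoe@gmail.com".
  user:
  # Mandatory. API key of the Jira user. This is a credential: keep the real
  # value out of version control and restrict read access to this file.
  password:
  # Mandatory. Jira project key.
  project_key:
  # Keep certificate verification on: this connection carries the user name
  # and API key above. Turn it off only for a test server that presents a
  # self-signed certificate.
  # NOTE(review): confirm the consumer reads true as "verify the certificate".
  tls_verify: true
  # Optional. Name of the Jira board to open tickets on.
  board:
  # Optional. Array of labels to add to the ticket, e.g. ["label1", "label2"].
  labels:
  # Optional. Issue type to open (Bug, Task, etc.). Default is "Task".
  issuetype:
  # Optional. Priority of the opened issue. Default is "High".
  priority:
  # Optional. Assigned user. Default is the user that opened the ticket.
  assignee:
  # Optional. Minimum vulnerability severity that triggers a ticket.
  Policy-Min-Vulnerability:
  # Optional. Registries that trigger opening a ticket, e.g. ["Docker Hub"].
  Policy-Registry:
  # Optional. Images that trigger opening a ticket, e.g. ["alpine"].
  Policy-Image-Name:
  # Optional. true: open a ticket only if the image is non-compliant;
  # false: open one in any case. Default is false.
  Policy-Non-Compliant:
  # Optional. Open a ticket even if one was already opened for the same image
  # with the same number of vulnerabilities. Default is false.
  Policy-Show-All:
  # Optional. Array of registry names to ignore.
  Ignore-Registry:
  # Optional. Array of image names to ignore.
  Ignore-Image-Name:
  # Number of scans to aggregate into one ticket.
  Aggregate-Issues-Number:
  # Time window to aggregate over, written as Xs, Xm or Xh (seconds, minutes,
  # hours). Maximum is 24 hours.
  Aggregate-Issues-Timeout: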
# Email integration that authenticates to an SMTP server.
- name: my-email
  type: email
  enable: true
  # Mandatory. SMTP user name (e.g. johndoe@gmail.com).
  user:
  # Mandatory. SMTP password. This is a credential: keep the real value out
  # of version control and restrict read access to this file.
  # NOTE(review): confirm the consumer negotiates TLS with the SMTP host
  # before it sends this password.
  password:
  # Mandatory. SMTP host name (e.g. smtp.gmail.com).
  host:
  # Mandatory. SMTP server port (e.g. 587).
  port:
  # Mandatory. Email address to use as the sender.
  sender:
  # Mandatory. List of recipients.
  recipients:
    - ""
    - ""
  # Minimum vulnerability severity that triggers a notification.
  Policy-Min-Vulnerability: high
  # Optional. Registries that trigger a notification.
  Policy-Registry:
    - alpine
    - Docker image
  # Optional. Images that trigger a notification.
  Policy-Image-Name:
    - alpine
    - alpine2
  # Optional. true: notify only if the image is non-compliant;
  # false: notify in any case.
  Policy-Non-Compliant: true
  # Optional. Array of registry names to ignore.
  Ignore-Registry: []
  # Optional. Array of image names to ignore.
  Ignore-Image-Name: []
  # Optional. Notify only if the vulnerability has a fix (true or false).
  Policy-Only-Fix-Available:
# Email integration without SMTP credentials.
- name: my-email-smtp-server
  type: email
  enable: true
  # NOTE(review): this entry sets no user, password, host or port; presumably
  # mail is delivered through the recipient domain's MX records. Confirm
  # against the consumer.
  UseMX: true
  # Mandatory. Email address to use as the sender.
  sender:
  # Mandatory. List of recipients.
  recipients:
    - ""
    - ""
  # Minimum vulnerability severity that triggers a notification.
  Policy-Min-Vulnerability: high
  # Optional. Registries that trigger a notification.
  Policy-Registry:
    - alpine
    - Docker image
  # Optional. Images that trigger a notification.
  Policy-Image-Name:
    - alpine
    - alpine2
  # Optional. true: notify only if the image is non-compliant;
  # false: notify in any case.
  Policy-Non-Compliant: true
  # Optional. Array of registry names to ignore.
  Ignore-Registry: []
  # Optional. Array of image names to ignore.
  Ignore-Image-Name: []
  # Optional. Notify only if the vulnerability has a fix (true or false).
  Policy-Only-Fix-Available:
# Second email entry: an example of several integrations of the same type.
- name: my-other-email
  type: email
  enable: true
  # Mandatory. SMTP user name (e.g. johndoe@gmail.com).
  user:
  # Mandatory. SMTP password. This is a credential: keep the real value out
  # of version control and restrict read access to this file.
  password:
  # Mandatory. SMTP host name (e.g. smtp.gmail.com).
  host:
  # Mandatory. SMTP server port (e.g. 587).
  port:
  # Mandatory. Email address to use as the sender.
  sender:
  # Mandatory. List of recipients.
  recipients:
    - ""
    - ""
  # Minimum vulnerability severity that triggers a notification.
  Policy-Min-Vulnerability: high
  # Optional. Registries that trigger a notification, e.g. [Docker Hub].
  Policy-Registry: []
  # Optional. Images that trigger a notification, e.g. [alpine].
  Policy-Image-Name: []
  # Optional. true: notify only if the image is non-compliant;
  # false: notify in any case.
  Policy-Non-Compliant:
  # Optional. Array of registry names to ignore.
  Ignore-Registry: []
  # Optional. Array of image names to ignore.
  Ignore-Image-Name: []
# Slack integration: posts to an incoming-webhook URL.
- name: my-slack
  type: slack
  enable: true
  # The webhook URL embeds its key, and anyone who holds the URL can post to
  # the channel. Treat the real value as a secret and keep it out of version
  # control.
  url: 'https://hooks.slack.com/services/TAAAA/BBB/<key>'
  # Optional. Minimum vulnerability severity that triggers a notification.
  Policy-Min-Vulnerability:
  # Optional. Registries that trigger a notification.
  Policy-Registry:
  # Optional. Images that trigger a notification.
  Policy-Image-Name:
  # Optional. true: notify only if the image is non-compliant;
  # false: notify in any case.
  Policy-Non-Compliant: true
  # Optional. Array of registry names to ignore.
  Ignore-Registry:
  # Optional. Array of image names to ignore.
  Ignore-Image-Name:
# Microsoft Teams integration: posts to a webhook URL.
- name: ms-team
  type: teams
  enable: true
  # Webhook URL. Possession of the URL is what authorises posting, so treat
  # the real value as a secret.
  url: 'https://outlook.office.com/webhook/....'
  # NOTE(review): presumably the path(s) of the Rego policy file(s) evaluated
  # for this entry. Confirm against the consumer, and keep the file writable
  # only by the account that administers this service.
  Policy-OPA:
    - "/config/policy.rego"
# Generic webhook integration.
- name: webhook
  type: webhook
  enable: true
  # Webhook URL. The https scheme matters here: scan results are sent to this
  # endpoint.
  url: 'https://..../webhook/'
# Splunk integration: sends scans to an HTTP Event Collector.
- name: splunk
  type: splunk
  enable: true
  # Mandatory. URL of the Splunk server. Plain http exposes the token below
  # to anyone on the network path, so keep it to loopback as in this example
  # and use an https URL for a remote collector.
  url: 'http://localhost:8088'
  # Mandatory. HTTP Event Collector token. This is a credential: keep the
  # real value out of version control.
  token: '<token>'
  # Optional. Maximum scan length, in bytes. Default: 10000.
  SizeLimit: 10000
# ServiceNow integration: opens tickets on a ServiceNow instance.
- name: my-servicenow
  type: serviceNow
  enable: true
  # Mandatory. ServiceNow account, e.g. "johndoe@gmail.com".
  user:
  # Mandatory. API key of the user. This is a credential: keep the real value
  # out of version control and restrict read access to this file.
  password:
  # Mandatory. Name of the ServiceNow instance.
  instance:
  # ServiceNow board name to open tickets on. Default is "incident".
  board:
  # Minimum vulnerability severity that triggers a ticket.
  Policy-Min-Vulnerability:
  # Optional. Registries that trigger opening a ticket.
  Policy-Registry:
  # Optional. Images that trigger opening a ticket.
  Policy-Image-Name:
  # Optional. true: open a ticket only if the image is non-compliant;
  # false: open one in any case.
  Policy-Non-Compliant:
  # Optional. Array of registry names to ignore.
  Ignore-Registry: []
  # Optional. Array of image names to ignore.
  Ignore-Image-Name: []