diff --git a/config/config.ini b/config/config.ini index ec5be19..6be8cb9 100644 --- a/config/config.ini +++ b/config/config.ini @@ -58,19 +58,19 @@ [workspaceone] # Workspace One section is applicable only when Workspace One backend is enabled in the [main] section. -# Uncomment to provide Workspace One token. Alternatively, use WORKSPACEONE_TOKEN variable +# Uncomment to provide Workspace One token. Alternatively, use WORKSPACEONE_TOKEN env variable #token = -# Uncomment to provide syslog host. Alternatively, use SYSLOG_HOST variable +# Uncomment to provide syslog host. Alternatively, use SYSLOG_HOST env variable #syslog_host = -# Uncomment to provide syslog port. Alternatively, use SYSLOG_PORT variable +# Uncomment to provide syslog port. Alternatively, use SYSLOG_PORT env variable #syslog_port = [chronicle] # Chronicle section is applicable only when Chronicle backend is enabled in the [main] section -# Uncomment to provide Google security key. Alternatively, use GOOGLE_SECURITY_KEY variable +# Uncomment to provide Google security key. Alternatively, use GOOGLE_SECURITY_KEY env variable #security_key = # Uncomment to provide Chronicle region (us, europe, asia-southeast1). Alternatively, use CHRONICLE_REGION variable diff --git a/config/defaults.ini b/config/defaults.ini index c27ac90..661bc31 100644 --- a/config/defaults.ini +++ b/config/defaults.ini @@ -36,3 +36,4 @@ syslog_port = 6514 [chronicle] security_key = +region = diff --git a/docs/chronicle/README.md b/docs/chronicle/README.md index f544091..a69fa71 100644 --- a/docs/chronicle/README.md +++ b/docs/chronicle/README.md @@ -41,6 +41,13 @@ echo -n $FALCON_CLIENT_SECRET | base64 echo -n $GOOGLE_SECURITY_KEY | base64 ``` +Set the region of your Chronicle cloud. + +``` + # Uncomment to provide Chronicle region (us, europe, asia-southeast1). Alternatively, use CHRONICLE_REGION variable + region = us +``` + ### Step 5: Deploy to kubernetes Ensure your kubectl command is configured to use kubernetes diff --git a/docs/chronicle/falcon-integration-gateway.yaml b/docs/chronicle/falcon-integration-gateway.yaml index fdb693b..38bc5a9 100644 --- a/docs/chronicle/falcon-integration-gateway.yaml +++ b/docs/chronicle/falcon-integration-gateway.yaml @@ -61,9 +61,12 @@ data: [chronicle] # Chronicle section is applicable only when Chronicle backend is enabled in the [main] section - # Uncomment to provide Google security key. Alternatively, use GOOGLE_SECURITY_KEY variable + # Uncomment to provide Google security key. Alternatively, use GOOGLE_SECURITY_KEY env variable #security_key = + # Uncomment to provide Chronicle region (us, europe, asia-southeast1). Alternatively, use CHRONICLE_REGION variable + #region = + --- apiVersion: apps/v1 kind: Deployment diff --git a/docs/listings/gke-chronicle/deployer/chart/falcon-integration-gateway/templates/configmap.yaml b/docs/listings/gke-chronicle/deployer/chart/falcon-integration-gateway/templates/configmap.yaml index facb751..16adf0c 100644 --- a/docs/listings/gke-chronicle/deployer/chart/falcon-integration-gateway/templates/configmap.yaml +++ b/docs/listings/gke-chronicle/deployer/chart/falcon-integration-gateway/templates/configmap.yaml @@ -59,3 +59,14 @@ data: {{- if .Values.falcon.integration_gateway.application_id }} application_id = {{ .Values.falcon.integration_gateway.application_id }} {{- end }} + + [chronicle] + # Chronicle section is applicable only when Chronicle backend is enabled in the [main] section + + # Uncomment to provide Google security key. Alternatively, use GOOGLE_SECURITY_KEY env variable + #security_key = + + # Uncomment to provide Chronicle region (us, europe, asia-southeast1). Alternatively, use CHRONICLE_REGION variable + {{- if .Values.chronicle.region }} + region = {{ .Values.chronicle.region }} + {{- end }} diff --git a/docs/listings/gke-chronicle/deployer/chart/falcon-integration-gateway/values.yaml b/docs/listings/gke-chronicle/deployer/chart/falcon-integration-gateway/values.yaml index 83c9a1f..ccdfb4e 100644 --- a/docs/listings/gke-chronicle/deployer/chart/falcon-integration-gateway/values.yaml +++ b/docs/listings/gke-chronicle/deployer/chart/falcon-integration-gateway/values.yaml @@ -5,6 +5,7 @@ chronicle: enabled: true google_security_key: + region: falcon: client_id: diff --git a/docs/listings/gke-chronicle/deployer/schema.yaml b/docs/listings/gke-chronicle/deployer/schema.yaml index 4a82753..53b8156 100644 --- a/docs/listings/gke-chronicle/deployer/schema.yaml +++ b/docs/listings/gke-chronicle/deployer/schema.yaml @@ -47,6 +47,11 @@ properties: type: string x-google-marketplace: type: MASKED_FIELD + chronicle.region: + type: string + x-google-marketplace: + type: STRING + default: us chronicle.google_security_key: type: string x-google-marketplace: @@ -59,6 +64,7 @@ required: - falcon.client_secret - falcon.cloud_region - chronicle.google_security_key +- chronicle.region form: - widget: help diff --git a/fig/backends/chronicle/README.md b/fig/backends/chronicle/README.md index 9f36f25..5180055 100644 --- a/fig/backends/chronicle/README.md +++ b/fig/backends/chronicle/README.md @@ -13,7 +13,7 @@ backends=CHRONICLE [chronicle] # Chronicle section is applicable only when Chronicle backend is enabled in the [main] section -# Uncomment to provide Google security key. Alternatively, use GOOGLE_SECURITY_KEY variable +# Uncomment to provide Google security key. Alternatively, use GOOGLE_SECURITY_KEY env variable #security_key = # Uncomment to provide Chronicle region (us, europe, asia-southeast1). Alternatively, use CHRONICLE_REGION variable diff --git a/fig/backends/workspaceone/README.md b/fig/backends/workspaceone/README.md index 79ce870..2e16945 100644 --- a/fig/backends/workspaceone/README.md +++ b/fig/backends/workspaceone/README.md @@ -13,10 +13,10 @@ backends=WORKSPACEONE [workspaceone] # Workspace One section is applicable only when Workspace One backend is enabled in the [main] section. -# Uncomment to provide Workspace One token. Alternatively, use WORKSPACEONE_TOKEN variable +# Uncomment to provide Workspace One token. Alternatively, use WORKSPACEONE_TOKEN env variable #token= -# Uncomment to provide syslog host. Alternatively, use SYSLOG_HOST variable +# Uncomment to provide syslog host. Alternatively, use SYSLOG_HOST env variable #syslog_host = ```