vulnerability-detection

This section covers the configuration for the Vulnerability detection module.

Options

Options	Allowed values
enabled	`yes`, `no`
feed-update-interval	Positive number + Time unit suffix
index-status	`yes`, `no`

enabled

Enables the vulnerability detection module.

Default	`yes`
Allowed values	`yes`, `no`

feed-update-interval

Time interval for periodic feed updates.

Default	`60m`
Allowed values	A positive number containing a time unit suffix character. For example `2h` for 2 hours

index-status

Enables indexing of vulnerability inventory data.

Default	`yes`
Allowed values	`yes`, `no`

interval

Deprecated since version 4.8.0.

run_on_start

Deprecated since version 4.8.0.

retry_interval

Deprecated since version 4.8.0.

provider

Deprecated since version 4.8.0.

Example of configuration

<vulnerability-detection>
   <enabled>yes</enabled>
   <index-status>yes</index-status>
   <feed-update-interval>60m</feed-update-interval>
</vulnerability-detection>

<indexer>
   <enabled>yes</enabled>
   <hosts>
      <host>https://0.0.0.0:9200</host>
   </hosts>
   <username>admin</username>
   <password>admin</password>
   <ssl>
      <certificate_authorities>
      <ca>/etc/filebeat/certs/root-ca.pem</ca>
      </certificate_authorities>
      <certificate>/etc/filebeat/certs/filebeat.pem</certificate>
      <key>/etc/filebeat/certs/filebeat-key.pem</key>
   </ssl>
</indexer>