From 1cd140910ce8dec6f54adcb53da47859968f58ab Mon Sep 17 00:00:00 2001
From: kaiyan-sheng <kaiyan.sheng@elastic.co>
Date: Tue, 7 Jan 2020 07:59:38 -0700
Subject: [PATCH] [Filebeat] Update MISP module config file (#15261) (#15333)

* Update misp module config file

* Change URI to URL

(cherry picked from commit 84cef9bf639475d07018030557d0b1568cd5aa07)
---
 filebeat/docs/modules/misp.asciidoc             | 2 +-
 x-pack/filebeat/filebeat.reference.yml          | 8 ++++++++
 x-pack/filebeat/module/misp/_meta/config.yml    | 8 ++++++++
 x-pack/filebeat/module/misp/_meta/docs.asciidoc | 2 +-
 x-pack/filebeat/modules.d/misp.yml.disabled     | 8 ++++++++
 5 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/filebeat/docs/modules/misp.asciidoc b/filebeat/docs/modules/misp.asciidoc
index 528415f6195..4460a443256 100644
--- a/filebeat/docs/modules/misp.asciidoc
+++ b/filebeat/docs/modules/misp.asciidoc
@@ -18,7 +18,7 @@ The configuration in the config.yml file uses the following format:
 
  * var.api_key: specifies the API key to access MISP.
  * var.json_objects_array: specifies the array object in MISP response, e.g., "response.Attribute".
- * var.url: URI of the MISP REST API, e.g., "http://x.x.x.x/attributes/restSearch"
+ * var.url: URL of the MISP REST API, e.g., "http://x.x.x.x/attributes/restSearch"
 
 [float]
 === Example dashboard
diff --git a/x-pack/filebeat/filebeat.reference.yml b/x-pack/filebeat/filebeat.reference.yml
index 1dd0337e817..5cb3b81eb64 100644
--- a/x-pack/filebeat/filebeat.reference.yml
+++ b/x-pack/filebeat/filebeat.reference.yml
@@ -408,6 +408,14 @@ filebeat.modules:
 - module: misp
   threat:
     enabled: true
+    # API key to access MISP
+    #var.api_key
+
+    # Array object in MISP response
+    #var.json_objects_array
+
+    # URL of the MISP REST API
+    #var.url
 
 #------------------------------- Mongodb Module -------------------------------
 #- module: mongodb
diff --git a/x-pack/filebeat/module/misp/_meta/config.yml b/x-pack/filebeat/module/misp/_meta/config.yml
index edd701a7394..26d45406425 100644
--- a/x-pack/filebeat/module/misp/_meta/config.yml
+++ b/x-pack/filebeat/module/misp/_meta/config.yml
@@ -1,3 +1,11 @@
 - module: misp
   threat:
     enabled: true
+    # API key to access MISP
+    #var.api_key
+
+    # Array object in MISP response
+    #var.json_objects_array
+
+    # URL of the MISP REST API
+    #var.url
diff --git a/x-pack/filebeat/module/misp/_meta/docs.asciidoc b/x-pack/filebeat/module/misp/_meta/docs.asciidoc
index f1b88d76f42..3f0eb441e6f 100644
--- a/x-pack/filebeat/module/misp/_meta/docs.asciidoc
+++ b/x-pack/filebeat/module/misp/_meta/docs.asciidoc
@@ -13,7 +13,7 @@ The configuration in the config.yml file uses the following format:
 
  * var.api_key: specifies the API key to access MISP.
  * var.json_objects_array: specifies the array object in MISP response, e.g., "response.Attribute".
- * var.url: URI of the MISP REST API, e.g., "http://x.x.x.x/attributes/restSearch"
+ * var.url: URL of the MISP REST API, e.g., "http://x.x.x.x/attributes/restSearch"
 
 [float]
 === Example dashboard
diff --git a/x-pack/filebeat/modules.d/misp.yml.disabled b/x-pack/filebeat/modules.d/misp.yml.disabled
index 70dcd458a65..b600fbc45db 100644
--- a/x-pack/filebeat/modules.d/misp.yml.disabled
+++ b/x-pack/filebeat/modules.d/misp.yml.disabled
@@ -4,3 +4,11 @@
 - module: misp
   threat:
     enabled: true
+    # API key to access MISP
+    #var.api_key
+
+    # Array object in MISP response
+    #var.json_objects_array
+
+    # URL of the MISP REST API
+    #var.url