add es basicauth

.circleci/config.yml

@@ -3,15 +3,15 @@ jobs:
   build:
     working_directory: /app
     docker:
-      - image: docker:17.10.0-ce
+      - image: docker:18.03.1-ce-git
     steps:
       - checkout
       - setup_remote_docker:
-          version: 17.10.0-ce
+          version: 18.03.1-ce
       - run:
           name: Install dependencies
           command: |
-            apk add --no-cache curl jq
+            apk add --no-cache jq
       - restore_cache:
           keys:
             - v1-{{ .Branch }}

Gopkg.toml

@@ -47,7 +47,7 @@
 
 [[constraint]]
   branch = "master"
-  name = "github.com/malice-plugins/go-plugin-utils"
+  name = "github.com/malice-plugins/pkgs"
 
 [[constraint]]
   name = "github.com/parnurzeal/gorequest"

LICENSE

@@ -212,7 +212,7 @@ Apache License
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright [yyyy] [name of copyright owner]
+   Copyright 2016 blacktop
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.

README.md

@@ -2,7 +2,7 @@
 
 # malice-yara
 
-[![Circle CI](https://circleci.com/gh/malice-plugins/yara.png?style=shield)](https://circleci.com/gh/malice-plugins/yara) [![License](http://img.shields.io/:license-mit-blue.svg)](http://doge.mit-license.org) [![Docker Stars](https://img.shields.io/docker/stars/malice/yara.svg)](https://hub.docker.com/r/malice/yara/) [![Docker Pulls](https://img.shields.io/docker/pulls/malice/yara.svg)](https://hub.docker.com/r/malice/yara/) [![Docker Image](https://img.shields.io/badge/docker%20image-51.9MB-blue.svg)](https://hub.docker.com/r/malice/virustotal/)
+[![Circle CI](https://circleci.com/gh/malice-plugins/yara.png?style=shield)](https://circleci.com/gh/malice-plugins/yara) [![License](https://img.shields.io/badge/licence-Apache%202.0-blue.svg)](LICENSE) [![Docker Stars](https://img.shields.io/docker/stars/malice/yara.svg)](https://hub.docker.com/r/malice/yara/) [![Docker Pulls](https://img.shields.io/docker/pulls/malice/yara.svg)](https://hub.docker.com/r/malice/yara/) [![Docker Image](https://img.shields.io/badge/docker%20image-53.2MB-blue.svg)](https://hub.docker.com/r/malice/virustotal/)
 
 Malice Yara Plugin
 
@@ -43,25 +43,25 @@ Usage: yara [OPTIONS] COMMAND [arg...]
 
 Malice YARA Plugin
 
-Version: v0.1.0, BuildTime: 20170123
+Version: v0.1.0, BuildTime: 20180902
 
 Author:
   blacktop - <https://github.com/blacktop>
 
 Options:
-  --verbose, -V		verbose output
-  --elasitcsearch value elasitcsearch address for Malice to store results [$MALICE_ELASTICSEARCH]
-  --timeout value       malice plugin timeout (in seconds) (default: 60) [$MALICE_TIMEOUT]
-  --callback, -c	    POST results to Malice webhook [$MALICE_ENDPOINT]
-  --timeout value       malice plugin timeout (in seconds) (default: 60) [$MALICE_TIMEOUT]
-  --proxy, -x		proxy settings for Malice webhook endpoint [$MALICE_PROXY]
-  --table, -t		output as Markdown table
-  --rules value		YARA rules directory (default: "/rules")
-  --help, -h		show help
-  --version, -v		print the version
+  --verbose, -V          verbose output
+  --elasticsearch value  elasticsearch url for Malice to store results [$MALICE_ELASTICSEARCH_URL]
+  --callback, -c         POST results to Malice webhook [$MALICE_ENDPOINT]
+  --proxy, -x            proxy settings for Malice webhook endpoint [$MALICE_PROXY]
+  --table, -t            output as Markdown table
+  --timeout value        malice plugin timeout (in seconds) (default: 60) [$MALICE_TIMEOUT]
+  --rules value          YARA rules directory (default: "/rules")
+  --help, -h             show help
+  --version, -v          print the version
 
 Commands:
-  help	Shows a list of commands or help for one command
+  web   Create a Yara web service
+  help  Shows a list of commands or help for one command
 
 Run 'yara COMMAND --help' for more information on a command.
 ```

config.toml

@@ -0,0 +1,14 @@
+# malice/yara plugin configuration.
+
+name = 'yara'
+description = 'Malice Yara Plugin'
+category = 'av'
+version = '0.1.0'
+
+accepts = [ '*' ]
+
+[system]
+cpu = 0.5
+ram = 256 # MB
+
+[settings]