Configuring a proxy for threat feeds

You might need to route traffic through a proxy if you route through a proxy to access websvc.resilientsystems.com or a threat feed that is hosted externally and you use the resutil threaserviceedit command.

Enter the following commands to configure a proxy for threat feed access.
sudo resutil configset -key proxyhost -svalue PROXYSERVER 
sudo resutil configset -key proxyport -ivalue PROXYPORT
If a username and password is needed, then run the following command.
sudo resutil configset -key proxyuser -svalue PROXYUSER 
sudo resutil keyvaultset -name proxy -stdin
 <Password for proxy>
EOF(Ctrl+D)
You can test that the password was applied.
sudo resutil keyvaultget -name proxy
After you run the commands, you need to restart the SOAR Platform.
sudo systemctl restart resilient
You can run the following command to check whether a proxy is already configured.
sudo resutil configget -key proxyhost
sudo resutil configget -key proxyport

When you set the proxy host value, you might not need to add HTTP:// to the beginning of the IP address or FQHN of your proxy. The SOAR Platform by default uses HTTP to connect to your proxy.

If you need to disable the proxy setting, use the following commands.
sudo resutil configset --delete -key proxyhost
sudo resutil configset --delete -key proxyport
sudo resutil configset --delete -key proxyuser
After, restart the SOAR Platform.
sudo systemctl restart resilient