afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #92 from wazuh/Issue-31_IPs

Browse Source 
Add multiple IPs option
This commit is contained in:
AlfonsoRBJ 2018-11-23 14:02:15 +01:00 committed by GitHub
commit 04bf1f5510
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
playbooks/wazuh-logstash.yml
View File

@ -1,3 +1,3 @@
- hosts: <your logstash host> - hosts: <your logstash host>
roles: roles:
- { role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-logstash, elasticsearch_network_host: 'localhost' } - { role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-logstash, elasticsearch_network_host: ["localhost"] }

5
roles/elastic-stack/ansible-logstash/defaults/main.yml
View File

@ -2,7 +2,10 @@
logstash_create_config: true logstash_create_config: true
logstash_input_beats: false logstash_input_beats: false
elasticsearch_network_host: "127.0.0.1" #You can introduce Multiples IPs
# elasticseacrh_network_host: ["Localhost1", "Localhost2", "Localhost3", ...]
elasticsearch_network_host: ["Localhost"]
elasticsearch_http_port: "9200" elasticsearch_http_port: "9200"
elasticsearch_shards: 5 elasticsearch_shards: 5
elasticsearch_replicas: 1 elasticsearch_replicas: 1

2
roles/elastic-stack/ansible-logstash/templates/01-wazuh.conf.j2
View File

@ -66,7 +66,7 @@ filter {
output { output {
#stdout { codec => rubydebug } #stdout { codec => rubydebug }
elasticsearch { elasticsearch {
hosts => ["{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}"] hosts => {{ elasticsearch_network_host | to_json}}
index => "wazuh-alerts-3.x-%{+YYYY.MM.dd}" index => "wazuh-alerts-3.x-%{+YYYY.MM.dd}"
document_type => "wazuh" document_type => "wazuh"
} }