From 723316caf0b82ac583d641ab1b28e7fdaa5b1271 Mon Sep 17 00:00:00 2001
From: Pablo Romero <pablo.romero@wazuh.com>
Date: Wed, 27 Dec 2017 12:57:08 +0100
Subject: [PATCH] Default logstash configuration changed

---
 ansible-role-logstash/defaults/main.yml          | 2 +-
 ansible-role-logstash/templates/01-wazuh.conf.j2 | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/ansible-role-logstash/defaults/main.yml b/ansible-role-logstash/defaults/main.yml
index 136e2c32..42d3f4c3 100644
--- a/ansible-role-logstash/defaults/main.yml
+++ b/ansible-role-logstash/defaults/main.yml
@@ -1,6 +1,6 @@
 ---
 logstash_create_config: true
-logstash_input_beats: true
+logstash_input_beats: false
 
 elasticsearch_network_host: "127.0.0.1"
 elasticsearch_http_port: "9200"
diff --git a/ansible-role-logstash/templates/01-wazuh.conf.j2 b/ansible-role-logstash/templates/01-wazuh.conf.j2
index 6ed29624..96e7d916 100644
--- a/ansible-role-logstash/templates/01-wazuh.conf.j2
+++ b/ansible-role-logstash/templates/01-wazuh.conf.j2
@@ -55,7 +55,7 @@ output {
     #stdout { codec => rubydebug }
     elasticsearch {
         hosts => ["{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}"]
-        index => "wazuh-alerts-%{+YYYY.MM.dd}"
+        index => "wazuh-alerts-3.x-%{+YYYY.MM.dd}"
         document_type => "wazuh"
     }
 }