Logstash role: adding the ability to switch between file and beats input

ansible-role-logstash/defaults/main.yml

@@ -1,4 +1,12 @@
 ---
+logstash_create_config: true
+logstash_input_beats: false
+
 elasticsearch_network_host: "127.0.0.1"
 elasticsearch_http_port: "9200"
 elk_stack_version: 5.4.0
+
+logstash_ssl: false
+logstash_ssl_dir: /etc/pki/logstash
+logstash_ssl_certificate_file: ""
+logstash_ssl_key_file: ""

ansible-role-logstash/templates/01-wazuh.conf.j2

@@ -1,23 +1,30 @@
 # {{ ansible_managed }}
 # Wazuh - Logstash configuration file
+
+{% if logstash_input_beats == true %}
 ## Remote Wazuh Manager - Filebeat input
 input {
     beats {
         port => 5000
         codec => "json_lines"
-#        ssl => true
-#        ssl_certificate => "/etc/logstash/logstash.crt"
-#        ssl_key => "/etc/logstash/logstash.key"
+{% if logstash_ssl == true %}
+        ssl => true
+        ssl_certificate => "{{ logstash_ssl_dir }}/{{ logstash_ssl_certificate_file | basename }}"
+        ssl_key => "{{ logstash_ssl_dir }}/{{ logstash_ssl_key_file | basename }}"
+{% endif %}
     }
 }
+{% else %}
 ## Local Wazuh Manager - JSON file input
-#input {
-#   file {
-#       type => "wazuh-alerts"
-#       path => "/var/ossec/logs/alerts/alerts.json"
-#       codec => "json"
-#   }
-#}
+input {
+   file {
+       type => "wazuh-alerts"
+       path => "/var/ossec/logs/alerts/alerts.json"
+       codec => "json"
+   }
+}
+{% endif %}
+
 filter {
     geoip {
         source => "srcip"