---
filebeat_version: 7.8.0

wazuh_template_branch: v3.13.1

filebeat_create_config: true

filebeat_prospectors:
  - input_type: log
    paths:
      - "/var/ossec/logs/alerts/alerts.json"
    document_type: json
    json.message_key: log
    json.keys_under_root: true
    json.overwrite_keys: true

filebeat_node_name: node-1

filebeat_output_elasticsearch_enabled: false
filebeat_output_elasticsearch_hosts:
  - "localhost:9200"

filebeat_enable_logging: true
filebeat_log_level: debug
filebeat_log_dir: /var/log/mybeat
filebeat_log_filename: mybeat.log
filebeat_ssl_dir: /etc/pki/filebeat
filebeat_ssl_certificate_file: ""
filebeat_ssl_insecure: "false"

filebeat_module_package_url: https://packages.wazuh.com/3.x/filebeat
filebeat_module_package_name: wazuh-filebeat-0.1.tar.gz
filebeat_module_package_path: /tmp/
filebeat_module_destination: /usr/share/filebeat/module
filebeat_module_folder: /usr/share/filebeat/module/wazuh

# Xpack Security
filebeat_xpack_security: false

elasticsearch_xpack_security_user: elastic
elasticsearch_xpack_security_password: elastic_pass

node_certs_generator : false
node_certs_source: /usr/share/elasticsearch
node_certs_destination: /etc/filebeat/certs


# CA Generation
master_certs_path: "{{ playbook_dir }}/es_certs"
generate_CA: true
ca_cert_name: ""

elasticrepo:
  apt: 'https://artifacts.elastic.co/packages/7.x/apt'
  yum: 'https://artifacts.elastic.co/packages/7.x/yum'
  gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch'
  key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4'