151 lines
4.9 KiB
Django/Jinja
151 lines
4.9 KiB
Django/Jinja
filebeat:
|
|
# List of prospectors to fetch data.
|
|
prospectors:
|
|
{{ filebeat_prospectors | to_json }}
|
|
|
|
# Configure what outputs to use when sending the data collected by the beat.
|
|
# Multiple outputs may be used.
|
|
output:
|
|
|
|
{% if filebeat_output_elasticsearch_enabled %}
|
|
### Elasticsearch as output
|
|
elasticsearch:
|
|
# Array of hosts to connect to.
|
|
hosts: {{ filebeat_output_elasticsearch_hosts | to_json }}
|
|
|
|
# Optional protocol and basic auth credentials. These are deprecated.
|
|
#protocol: "https"
|
|
#username: "admin"
|
|
#password: "s3cr3t"
|
|
|
|
# Number of workers per Elasticsearch host.
|
|
#worker: 1
|
|
|
|
# Optional index name. The default is "filebeat" and generates
|
|
# [filebeat-]YYYY.MM.DD keys.
|
|
#index: "filebeat"
|
|
|
|
# Optional HTTP Path
|
|
#path: "/elasticsearch"
|
|
|
|
# Proxy server URL
|
|
# proxy_url: http://proxy:3128
|
|
|
|
# The number of times a particular Elasticsearch index operation is attempted. If
|
|
# the indexing operation doesn't succeed after this many retries, the events are
|
|
# dropped. The default is 3.
|
|
#max_retries: 3
|
|
|
|
# The maximum number of events to bulk in a single Elasticsearch bulk API index request.
|
|
# The default is 50.
|
|
#bulk_max_size: 50
|
|
|
|
# Configure http request timeout before failing an request to Elasticsearch.
|
|
#timeout: 90
|
|
|
|
# The number of seconds to wait for new events between two bulk API index requests.
|
|
# If `bulk_max_size` is reached before this interval expires, addition bulk index
|
|
# requests are made.
|
|
#flush_interval: 1
|
|
|
|
# Boolean that sets if the topology is kept in Elasticsearch. The default is
|
|
# false. This option makes sense only for Packetbeat.
|
|
#save_topology: false
|
|
|
|
# The time to live in seconds for the topology information that is stored in
|
|
# Elasticsearch. The default is 15 seconds.
|
|
#topology_expire: 15
|
|
|
|
{% if filebeat_ssl_certificate_file and filebeat_ssl_key_file %}
|
|
# tls configuration. By default is off.
|
|
tls:
|
|
# List of root certificates for HTTPS server verifications
|
|
#certificate_authorities: ["/etc/pki/root/ca.pem"]
|
|
|
|
# Certificate for TLS client authentication
|
|
certificate: "{{ filebeat_ssl_dir }}/{{ filebeat_ssl_certificate_file | basename }}"
|
|
|
|
# Client Certificate Key
|
|
certificate_key: "{{ filebeat_ssl_dir }}/{{ filebeat_ssl_key_file | basename}}"
|
|
|
|
# Controls whether the client verifies server certificates and host name.
|
|
# If insecure is set to true, all server host names and certificates will be
|
|
# accepted. In this mode TLS based connections are susceptible to
|
|
# man-in-the-middle attacks. Use only for testing.
|
|
insecure: {{ filebeat_ssl_insecure }}
|
|
|
|
# Configure cipher suites to be used for TLS connections
|
|
#cipher_suites: []
|
|
|
|
# Configure curve types for ECDHE based cipher suites
|
|
#curve_types: []
|
|
|
|
# Configure minimum TLS version allowed for connection to logstash
|
|
#min_version: 1.0
|
|
|
|
# Configure maximum TLS version allowed for connection to logstash
|
|
#max_version: 1.2
|
|
{% endif %}
|
|
{% endif %}
|
|
|
|
{% if filebeat_output_logstash_enabled %}
|
|
### Logstash as output
|
|
logstash:
|
|
# The Logstash hosts
|
|
hosts: {{ filebeat_output_logstash_hosts | to_json }}
|
|
|
|
# Number of workers per Logstash host.
|
|
#worker: 1
|
|
|
|
# Optional load balance the events between the Logstash hosts
|
|
#loadbalance: true
|
|
|
|
# Optional index name. The default index name depends on the each beat.
|
|
# For Packetbeat, the default is set to packetbeat, for Topbeat
|
|
# top topbeat and for Filebeat to filebeat.
|
|
#index: filebeat
|
|
|
|
{% if filebeat_ssl_certificate_file and filebeat_ssl_key_file %}
|
|
# Optional TLS. By default is off.
|
|
tls:
|
|
# List of root certificates for HTTPS server verifications
|
|
#certificate_authorities: ["/etc/pki/root/ca.pem"]
|
|
|
|
# Certificate for TLS client authentication
|
|
certificate: "{{ filebeat_ssl_dir }}/{{ filebeat_ssl_certificate_file | basename }}"
|
|
|
|
# Client Certificate Key
|
|
certificate_key: "{{ filebeat_ssl_dir }}/{{ filebeat_ssl_key_file | basename}}"
|
|
|
|
# Controls whether the client verifies server certificates and host name.
|
|
# If insecure is set to true, all server host names and certificates will be
|
|
# accepted. In this mode TLS based connections are susceptible to
|
|
# man-in-the-middle attacks. Use only for testing.
|
|
#insecure: true
|
|
insecure: {{ filebeat_ssl_insecure }}
|
|
|
|
# Configure cipher suites to be used for TLS connections
|
|
#cipher_suites: []
|
|
|
|
# Configure curve types for ECDHE based cipher suites
|
|
#curve_types: []
|
|
{% endif %}
|
|
|
|
{% if filebeat_enable_logging %}
|
|
logging:
|
|
### Filebeat log
|
|
level: {{ filebeat_log_level }}
|
|
|
|
# Enable file rotation with default configuration
|
|
to_files: true
|
|
|
|
# Do not log to syslog
|
|
to_syslog: false
|
|
|
|
files:
|
|
path: {{ filebeat_log_dir }}
|
|
name: {{ filebeat_log_filename }}
|
|
keepfiles: 7
|
|
{% endif %}
|
|
{% endif %}
|