afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
d67ae78712
wazuh-ansible-4.8.1/roles/opensearch/wazuh-indexer/templates/opensearch.yml.j2
Gonzalo Acuña d67ae78712
Updates to Wazuh and Opensearch roles
2022-02-04 16:58:21 -03:00

61 lines
2.8 KiB
Django/Jinja
Raw Blame History

network.host: {{ indexer_network_host }}
node.name: {{ indexer_node_name }}
{% if single_node == true %}
discovery.type: single-node
{% else %}
cluster.initial_master_nodes:
{% for item in indexer_cluster_nodes %}
- {{ item }}
{% endfor %}
discovery.seed_hosts:
{% for item in elasticsearch_discovery_nodes %}
- {{ item }}
{% endfor %}
{% endif %}
cluster.name: {{ indexer_cluster_name }}
http.port: 9700-9799
transport.tcp.port: 9800-9899
node.max_local_storage_nodes: "3"
path.data: /var/lib/wazuh-indexer
path.logs: /var/log/wazuh-indexer
###############################################################################
# #
# WARNING: Demo certificates set up in this file. #
# Please change on production cluster! #
# #
###############################################################################
plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/{{ indexer_node_name }}.pem
plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/{{ indexer_node_name }}-key.pem
plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/{{ indexer_node_name }}.pem
plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/{{ indexer_node_name }}-key.pem
plugins.security.ssl.transport.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
plugins.security.ssl.http.enabled: true
plugins.security.ssl.transport.enforce_hostname_verification: false
plugins.security.ssl.transport.resolve_hostname: false
plugins.security.audit.type: internal_opensearch
plugins.security.authcz.admin_dn:
- "CN=admin,OU=Docu,O=Wazuh,L=California,C=US"
plugins.security.check_snapshot_restore_write_privileges: true
plugins.security.enable_snapshot_restore_privilege: true
plugins.security.nodes_dn:
{% for (key,value) in instances.items() %}
- "CN={{ value.name }},OU=Docu,O=Wazuh,L=California,C=US"
{% endfor %}
plugins.security.restapi.roles_enabled:
- "all_access"
- "security_rest_api_access"
plugins.security.system_indices.enabled: true
plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"]
### Option to allow Filebeat-oss 7.10.2 to work ###
compatibility.override_main_response_version: true
Reference in New Issue View Git Blame Copy Permalink