CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

change 9805 pipeline to send to self. fix extra_hosts for logstash

Browse Source
This commit is contained in:
m0duspwnens
2023-12-14 10:01:03 -05:00
parent be8ed1e1d8
commit 03b2a7d2de
2 changed files with 13 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
salt/logstash/enabled.sls
View File

@@ -33,18 +33,23 @@ so-logstash:
- sobridge: - sobridge:
- ipv4_address: {{ DOCKER.containers['so-logstash'].ip }} - ipv4_address: {{ DOCKER.containers['so-logstash'].ip }}
- user: logstash - user: logstash
- extra_hosts: {{ REDIS_NODES }} - extra_hosts:
{% for node in REDIS_NODES %}
{% for hostname, ip in node.items() %}
- {{hostname}}:{{ip}}
{% endfor %}
{% endfor %}
{% if DOCKER.containers['so-logstash'].extra_hosts %} {% if DOCKER.containers['so-logstash'].extra_hosts %}
{% for XTRAHOST in DOCKER.containers['so-logstash'].extra_hosts %} {% for XTRAHOST in DOCKER.containers['so-logstash'].extra_hosts %}
- {{ XTRAHOST }} - {{ XTRAHOST }}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
- environment: - environment:
- LS_JAVA_OPTS=-Xms{{ lsheap }} -Xmx{{ lsheap }} - LS_JAVA_OPTS=-Xms{{ lsheap }} -Xmx{{ lsheap }}
{% if DOCKER.containers['so-logstash'].extra_env %} {% if DOCKER.containers['so-logstash'].extra_env %}
{% for XTRAENV in DOCKER.containers['so-logstash'].extra_env %} {% for XTRAENV in DOCKER.containers['so-logstash'].extra_env %}
- {{ XTRAENV }} - {{ XTRAENV }}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
- port_bindings: - port_bindings:
{% for BINDING in DOCKER.containers['so-logstash'].port_bindings %} {% for BINDING in DOCKER.containers['so-logstash'].port_bindings %}

6
salt/logstash/pipelines/config/so/9805_output_elastic_agent.conf.jinja
View File

@@ -3,7 +3,7 @@ output {
if [metadata][pipeline] { if [metadata][pipeline] {
if [metadata][_id] { if [metadata][_id] {
elasticsearch { elasticsearch {
hosts => "{{ GLOBALS.manager }}" hosts => "{{ GLOBALS.hostname }}"
ecs_compatibility => v8 ecs_compatibility => v8
data_stream => true data_stream => true
user => "{{ ES_USER }}" user => "{{ ES_USER }}"
@@ -17,7 +17,7 @@ output {
} }
else { else {
elasticsearch { elasticsearch {
hosts => "{{ GLOBALS.manager }}" hosts => "{{ GLOBALS.hostname }}"
ecs_compatibility => v8 ecs_compatibility => v8
data_stream => true data_stream => true
user => "{{ ES_USER }}" user => "{{ ES_USER }}"
@@ -30,7 +30,7 @@ output {
} }
else { else {
elasticsearch { elasticsearch {
hosts => "{{ GLOBALS.manager }}" hosts => "{{ GLOBALS.hostname }}"
ecs_compatibility => v8 ecs_compatibility => v8
data_stream => true data_stream => true
user => "{{ ES_USER }}" user => "{{ ES_USER }}"