CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

LS salt module - Add custom parser folder

Browse Source
This commit is contained in:
Mike Reeves
2018-02-09 16:29:07 -05:00
parent a2f3985813
commit 2f86638e49
2 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
salt/logstash/files/custom/Drop.Your.Custom.Parsers.Here.conf Normal file
View File

24
salt/logstash/init.sls
View File

@@ -27,14 +27,15 @@ logstash:
- gid: 931 - gid: 931
- home: /opt/so/conf/logstash - home: /opt/so/conf/logstash
lsconfdir: # Create a directory for people to drop their own custom parsers into
lscustdir:
file.directory: file.directory:
- name: /opt/so/conf/logstash/conf.d - name: /opt/so/conf/logstash/custom
- user: 931 - user: 931
- group: 939 - group: 939
- makedirs: True - makedirs: True
# Copy down all the configs # Copy down all the configs including custom
lssync: lssync:
file.recurse: file.recurse:
- name: /opt/so/conf/logstash - name: /opt/so/conf/logstash
@@ -71,26 +72,25 @@ lslogdir:
so-logstash: so-logstash:
dockerng.running: dockerng.running:
- image: pillaritem/so-logstash - image: toosmooth/so-logstash:test2
- hostname: logstash - hostname: logstash
- user: logstash - user: logstash
- environment: - environment:
- LS_JAVA_OPTS=-Xms{{ lsheap }} -Xmx{{ lsheap }} - LS_JAVA_OPTS=-Xms{{ lsheap }} -Xmx{{ lsheap }}
- port_bindings: - port_bindings:
- 5044 - 0.0.0.0:5044:5044
- 6050 - 127.0.0.1:6050:6050
- 6051 - 127.0.0.1:6051:6051
- 6052 - 127.0.0.1:6052:6052
- 6053 - 127.0.0.1:6053:6053
- 9600 - 0.0.0.0:9600:9600
- binds: - binds:
- /opt/so/conf/logstash/log4j2.properties:/usr/share/logstash/config/log4j2.properties:ro - /opt/so/conf/logstash/log4j2.properties:/usr/share/logstash/config/log4j2.properties:ro
- /opt/so/conf/logstash/logstash.yml:/usr/share/logstash/config/logstash.yml:ro - /opt/so/conf/logstash/logstash.yml:/usr/share/logstash/config/logstash.yml:ro
- /opt/so/conf/logstash/logstash-template.json:/logstash-template.json:ro - /opt/so/conf/logstash/logstash-template.json:/logstash-template.json:ro
- /opt/so/conf/logstash/beats-template.json:/beats-template.json:ro - /opt/so/conf/logstash/beats-template.json:/beats-template.json:ro
- /opt/so/conf/logstash/conf.d:/usr/share/logstash/pipeline/:ro - /opt/so/conf/logstash/custom:/usr/share/logstash/custom/:ro
- /opt/so/rules:/etc/nsm/rules:ro - /opt/so/rules:/etc/nsm/rules:ro
- /opt/so/conf/logstash/dictionaries:/lib/dictionaries:ro
- /nsm/import:/nsm/import:ro - /nsm/import:/nsm/import:ro
- /nsm/logstash:/usr/share/logstash/data:rw - /nsm/logstash:/usr/share/logstash/data:rw
- /opt/so/log/logstash:/var/log/logstash:rw - /opt/so/log/logstash:/var/log/logstash:rw