heavynode

2026-01-27 02:13:30 +01:00 · 2020-01-28 18:58:26 -05:00
parent 97c0b0ddd1
commit 306cc1127b
18 changed files with 337 additions and 19 deletions
--- a/salt/filebeat/etc/filebeat.yml
+++ b/salt/filebeat/etc/filebeat.yml
@@ -1,4 +1,10 @@
+{%- if grains.role == 'so-heavynode' %}
+{%- set MASTER = grains.host %}
+{%- else %}
 {%- set MASTER = grains['master'] %}
+{%- endif %}
+
+
 {%- set HOSTNAME = salt['grains.get']('host', '') %}
 {%- set BROVER = salt['pillar.get']('static:broversion', 'COMMUNITY') %}
 {%- set WAZUHENABLED = salt['pillar.get']('static:wazuh_enabled', '1') %}
@@ -67,7 +73,7 @@ filebeat.modules:
 # List of prospectors to fetch data.
 filebeat.prospectors:
 #------------------------------ Log prospector --------------------------------
-{%- if grains['role'] == 'so-sensor' or grains['role'] == "so-eval" or grains['role'] == "so-helix" %}
+{%- if grains['role'] == 'so-sensor' or grains['role'] == "so-eval" or grains['role'] == "so-helix" or grains['role'] == "so-heavynode" %}
 {%- if BROVER != 'SURICATA' %}
 {%- for LOGNAME in salt['pillar.get']('brologs:enabled', '')  %}
  - type: log
--- a/salt/filebeat/init.sls
+++ b/salt/filebeat/init.sls
@@ -67,7 +67,7 @@ so-filebeat:
      - /opt/so/wazuh/logs/alerts/:/wazuh/alerts:ro
      - /opt/so/wazuh/logs/archives/:/wazuh/archives:ro
      - /opt/so/log/fleet/:/osquery/logs:ro
-{%- if grains['role'] == 'so-master' %}
+{%- if grains['role'] == 'so-master' or grains['role'] == 'so-heavynode' %}
      - /etc/pki/filebeat.crt:/usr/share/filebeat/filebeat.crt:ro
      - /etc/pki/filebeat.key:/usr/share/filebeat/filebeat.key:ro
 {%- else %}