Add templates for SO logs

2025-12-07 17:52:46 +01:00 · 2021-06-09 12:04:32 -04:00
parent 579ff8c0b4
commit 4c90a0ed7e
4 changed files with 60 additions and 0 deletions
--- a/salt/logstash/pipelines/config/so/9050_output_elasticsearch_log.jinja
+++ b/salt/logstash/pipelines/config/so/9050_output_elasticsearch_log.jinja
--- a/salt/logstash/pipelines/config/so/9050_output_kibana_log.jinja
+++ b/salt/logstash/pipelines/config/so/9050_output_kibana_log.jinja
@@ -0,0 +1,20 @@
+{%- if grains['role'] == 'so-eval' -%}
+{%- set ES = salt['pillar.get']('manager:mainip', '') -%}
+{%- else %}
+{%- set ES = salt['pillar.get']('elasticsearch:mainip', '') -%}
+{%- endif %}
+output {
+ if [event][module] == 'kibana' {
+   elasticsearch {
+     id => "kibana_logs"
+     pipeline => "filebeat-%{[agent][version]}-kibana-%{[fileset][name]}-pipeline"
+     hosts => "{{ ES }}"
+     index => "so-grid-%{+YYYY.MM.dd}"
+     template_name => "so-common"
+     template => "/templates/so-common-template.json"
+     template_overwrite => true
+     ssl => true
+     ssl_certificate_verification => false
+   }
+ }
+}
--- a/salt/logstash/pipelines/config/so/9050_output_logstash_log.jinja
+++ b/salt/logstash/pipelines/config/so/9050_output_logstash_log.jinja
@@ -0,0 +1,20 @@
+{%- if grains['role'] == 'so-eval' -%}
+{%- set ES = salt['pillar.get']('manager:mainip', '') -%}
+{%- else %}
+{%- set ES = salt['pillar.get']('elasticsearch:mainip', '') -%}
+{%- endif %}
+output {
+ if [event][module] == 'logstash' {
+   elasticsearch {
+     id => "logstash_logs"
+     pipeline => "filebeat-%{[agent][version]}-logstash-%{[fileset][name]}-pipeline"
+     hosts => "{{ ES }}"
+     index => "so-grid-%{+YYYY.MM.dd}"
+     template_name => "so-common"
+     template => "/templates/so-common-template.json"
+     template_overwrite => true
+     ssl => true
+     ssl_certificate_verification => false
+   }
+ }
+}
--- a/salt/logstash/pipelines/config/so/9050_output_redis_log.jinja
+++ b/salt/logstash/pipelines/config/so/9050_output_redis_log.jinja
@@ -0,0 +1,20 @@
+{%- if grains['role'] == 'so-eval' -%}
+{%- set ES = salt['pillar.get']('manager:mainip', '') -%}
+{%- else %}
+{%- set ES = salt['pillar.get']('elasticsearch:mainip', '') -%}
+{%- endif %}
+output {
+ if [event][module] == 'redis' {
+   elasticsearch {
+     id => "redis_logs"
+     pipeline => "filebeat-%{[agent][version]}-redis-%{[fileset][name]}-pipeline"
+     hosts => "{{ ES }}"
+     index => "so-grid-%{+YYYY.MM.dd}"
+     template_name => "so-common"
+     template => "/templates/so-common-template.json"
+     template_overwrite => true
+     ssl => true
+     ssl_certificate_verification => false
+   }
+ }
+}