CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-30 08:28:18 +02:00
Code Issues Packages Projects Releases Wiki Activity

add 514 tcp listener to filebeat docker and add syslog listener to fb config for manager and manager search - https://github.com/Security-Onion-Solutions/securityonion/issues/1551

Browse Source
This commit is contained in:
m0duspwnens
2020-10-19 10:27:40 -04:00
parent a05329e7d8
commit 79854f111e
2 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
salt/filebeat/etc/filebeat.yml
+1 -1
View File
@@ -74,7 +74,7 @@ filebeat.modules:
# List of prospectors to fetch data.
filebeat.inputs:
#------------------------------ Log prospector --------------------------------
{%- if grains['role'] in ['so-sensor', "so-eval", "so-helix", "so-heavynode", "so-standalone", "so-import"] %}
{%- if grains['role'] in ['so-manager', 'so-managersearch', 'so-eval', 'so-standalone', 'so-sensor', 'so-helix', 'so-heavynode', 'so-import'] %}
- type: udp
enabled: true
host: "0.0.0.0:514"