Logstash Module - Wes Mods

2025-12-08 10:12:53 +01:00 · 2018-11-13 14:41:07 -05:00
parent 7853a6dfeb
commit b88a9b5769
4 changed files with 19 additions and 1 deletions
--- a/salt/logstash/conf/conf.enabled.txt.parser
+++ b/salt/logstash/conf/conf.enabled.txt.parser
@@ -81,4 +81,4 @@
 /usr/share/logstash/pipeline.so/8505_postprocess_freq_analysis_bro_x509.conf
 /usr/share/logstash/pipeline.so/8998_postprocess_log_elapsed.conf
 /usr/share/logstash/pipeline.so/8999_postprocess_rename_type.conf
-/usr/share/logstash/pipeline.dynamic/9999_output_redis.conf
+/usr/share/logstash/pipeline.dynamic/9999_output_redis.conf
--- a/salt/logstash/files/custom/parsers/Drop.Your.Custom.Parsers.Here.conf
+++ b/salt/logstash/files/custom/parsers/Drop.Your.Custom.Parsers.Here.conf
--- a/salt/logstash/files/custom/templates/Drop.Your.Custom.Templates.Here.conf
+++ b/salt/logstash/files/custom/templates/Drop.Your.Custom.Templates.Here.conf
@@ -0,0 +1,2 @@
 # Reference /usr/share/logstash/pipeline.custom/templates/YOURTEMPLATE.json
 #
--- a/salt/logstash/init.sls
+++ b/salt/logstash/init.sls
@@ -63,6 +63,20 @@ lscustdir:
    - group: 939
    - makedirs: True
 lscustparserdir:
  file.directory:
    - name: /opt/so/conf/logstash/custom/parsers
    - user: 931
    - group: 939
    - makedirs: True
 lscusttemplatedir:
  file.directory:
    - name: /opt/so/conf/logstash/custom/templates
    - user: 931
    - group: 939
    - makedirs: True
 # Copy down all the configs including custom - TODO add watch restart
 lssync:
  file.recurse:
@@ -145,3 +159,5 @@ so-logstash:
      - /nsm/bro:/nsm/bro:ro
      - /opt/so/log/suricata:/suricata:ro
      {%- endif %}
      - watch:
        - file: /opt/so/conf/logstash
		`@@ -0,0 +1,2 @@`
							`# Reference /usr/share/logstash/pipeline.custom/templates/YOURTEMPLATE.json`
							`#`