Continue merge of ECS into Elastic Auth

2025-12-12 20:22:59 +01:00 · 2021-06-15 09:11:58 -04:00
parent 3891ca2929
commit dd8eb29a18
8 changed files with 25 additions and 13 deletions
--- a/salt/logstash/pipelines/config/so/9050_output_filebeatmodules.conf.jinja
+++ b/salt/logstash/pipelines/config/so/9050_output_filebeatmodules.conf.jinja
@@ -3,18 +3,22 @@
 {%- else %}
 {%- set ES = salt['pillar.get']('elasticsearch:mainip', '') -%}
 {%- endif %}
+{%- set ES_USER = salt['pillar.get']('elasticsearch:auth:users:so_logstash_user:user', '') %}
+{%- set ES_PASS = salt['pillar.get']('elasticsearch:auth:users:so_logstash_user:pass', '') %}
 output {
- if [metadata][pipeline] {
-   elasticsearch {
-     id => "filebeat_modules_metadata_pipeline"
-     pipeline => "%{[metadata][pipeline]}"
-     hosts => "{{ ES }}"
-     index => "so-%{[event][module]}-%{+YYYY.MM.dd}"
-     template_name => "so-common"
-     template => "/templates/so-common-template.json"
-     template_overwrite => true
-     ssl => true
-     ssl_certificate_verification => false
-   }
- }
+  if [metadata][pipeline] {
+    elasticsearch {
+      id => "filebeat_modules_metadata_pipeline"
+      pipeline => "%{[metadata][pipeline]}"
+      hosts => "{{ ES }}"
+      user => "{{ ES_USER }}"
+      password => "{{ ES_PASS }}"
+      index => "so-%{[event][module]}-%{+YYYY.MM.dd}"
+      template_name => "so-common"
+      template => "/templates/so-common-template.json"
+      template_overwrite => true
+      ssl => true
+      ssl_certificate_verification => false
+    }
+  }
 }