Initial EG stuff

2026-01-19 22:51:23 +01:00 · 2021-10-13 17:13:07 +00:00
parent 2561480371
commit e1629d7ec4
8 changed files with 2910 additions and 1 deletions
--- a/pillar/elasticsearch/manager.sls
+++ b/pillar/elasticsearch/manager.sls
@@ -2,6 +2,7 @@ elasticsearch:
  templates:
    - so/so-beats-template.json.jinja
    - so/so-common-template.json.jinja
+    - so/so-endgame-template.json.jinja
    - so/so-firewall-template.json.jinja
    - so/so-flow-template.json.jinja
    - so/so-ids-template.json.jinja
--- a/pillar/elasticsearch/search.sls
+++ b/pillar/elasticsearch/search.sls
@@ -2,6 +2,7 @@ elasticsearch:
  templates:
    - so/so-beats-template.json.jinja
    - so/so-common-template.json.jinja
+    - so/so-endgame-template.json.jinja
    - so/so-firewall-template.json.jinja
    - so/so-flow-template.json.jinja
    - so/so-ids-template.json.jinja
--- a/pillar/logstash/init.sls
+++ b/pillar/logstash/init.sls
@@ -1,6 +1,7 @@
 logstash:
  docker_options:
    port_bindings:
+      - 0.0.0.0:3765:3765
      - 0.0.0.0:5044:5044
      - 0.0.0.0:5644:5644
      - 0.0.0.0:6050:6050
--- a/pillar/logstash/manager.sls
+++ b/pillar/logstash/manager.sls
@@ -5,5 +5,6 @@ logstash:
      config:
        - so/0009_input_beats.conf      
        - so/0010_input_hhbeats.conf
+        - so/0011_input_endgame.conf
        - so/9999_output_redis.conf.jinja
-        
+        
--- a/pillar/logstash/search.sls
+++ b/pillar/logstash/search.sls
@@ -14,3 +14,4 @@ logstash:
        - so/9600_output_ossec.conf.jinja
        - so/9700_output_strelka.conf.jinja
        - so/9800_output_logscan.conf.jinja
+        - so/9900_output_endgame.conf.jinja