Filebeat Module - Add SSL to the config

2025-12-07 17:52:46 +01:00 · 2018-06-06 15:55:55 -04:00
parent e742669e7a
commit e752637e5c
2 changed files with 4 additions and 17 deletions
--- a/salt/filebeat/etc/filebeat.yml
+++ b/salt/filebeat/etc/filebeat.yml
@@ -823,13 +823,13 @@ output.logstash:
  #proxy_use_local_resolver: false

  # Enable SSL support. SSL is automatically enabled, if any SSL setting is set.
-  #ssl.enabled: true
+  ssl.enabled: true

  # Configure SSL verification mode. If `none` is configured, all server hosts
  # and certificates will be accepted. In this mode, SSL based connections are
  # susceptible to man-in-the-middle attacks. Use only for testing. Default is
  # `full`.
-  #ssl.verification_mode: full
+  ssl.verification_mode: full

  # List of supported/valid TLS versions. By default all TLS versions 1.0 up to
  # 1.2 are enabled.
@@ -837,10 +837,10 @@ output.logstash:

  # Optional SSL configuration options. SSL is off by default.
  # List of root certificates for HTTPS server verifications
-  #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"]
+  ssl.certificate_authorities: ["/usr/share/filebeat/intraca.crt"]

  # Certificate for SSL client authentication
-  #ssl.certificate: "/etc/pki/client/cert.pem"
+  ssl.certificate: "/usr/share/filebeat/filebeat.crt"

  # Client Certificate Key
  #ssl.key: "/etc/pki/client/cert.key"
--- a/salt/filebeat/init.sls
+++ b/salt/filebeat/init.sls
@@ -30,18 +30,6 @@ filebeatconfsync:
    - group: 0
    - template: jinja

-# Create Symlinks to the keys so I can distribute it to all the things
-
-fbkeylink:
-  file.symlink:
-    - name: /opt/so/saltstack/salt/filebeat/files/filebeat.key
-    - target: /etc/pki/filebeat.key
-
-fbcrtlink:
-  file.symlink:
-    - name: /opt/so/saltstack/salt/filebeat/files/filebeat.crt
-    - target: /etc/pki/filebeat.crt
-
 filebeatcrt:
  file.managed:
    - name: /opt/so/conf/filebeat/etc/pki/filebeat.crt
@@ -56,6 +44,5 @@ so-filebeat:
      - /opt/so/log/filebeat:/var/log/filebeat:rw
      - /opt/so/conf/filebeat/etc/filebeat.yml:/usr/share/filebeat/filebeat.yml:ro
      - /nsm/bro/spool/manager:/nsm/bro/spool:ro
-      - /opt/so/conf/filebeat/etc/pki/filebeat.key:/usr/share/filebeat/filebeat.key:ro
      - /opt/so/conf/filebeat/etc/pki/filebeat.crt:/usr/share/filebeat/filebeat.crt:ro
    - network_mode: so-elastic-net