handle the docker port bindings for filebeat modules

2025-12-07 17:52:46 +01:00 · 2021-05-10 18:08:47 -04:00
parent 01a121e029
commit efc028d0a5
3 changed files with 12 additions and 1 deletions
--- a/salt/filebeat/init.sls
+++ b/salt/filebeat/init.sls
@@ -20,6 +20,8 @@
 {% set LOCALHOSTIP = salt['grains.get']('ip_interfaces').get(MAININT)[0] %}
 {% set MANAGER = salt['grains.get']('master') %}
 {% set MANAGERIP = salt['pillar.get']('global:managerip', '') %}
+{% from 'filebeat/map.jinja' import THIRDPARTY with context %}
+
 filebeatetcdir:
  file.directory:
    - name: /opt/so/conf/filebeat/etc
@@ -98,6 +100,13 @@ so-filebeat:
        - 0.0.0.0:514:514/udp
        - 0.0.0.0:514:514/tcp
        - 0.0.0.0:5066:5066/tcp
+{% for module in THIRDPARTY.modules.keys() %}
+  {% for submodule in THIRDPARTY.modules[module] %}
+    {% if THIRDPARTY.modules[module][submodule].enabled %}
+        - {{ THIRDPARTY.modules[module][submodule].get("var.syslog_host", "0.0.0.0") }}:{{ THIRDPARTY.modules[module][submodule]["var.syslog_port"] }}:{{ THIRDPARTY.modules[module][submodule]["var.syslog_port"] }}/{{ THIRDPARTY.modules[module][submodule]["var.input"] }}
+    {% endif %}
+  {% endfor %}
+{% endfor %}
    - watch:
      - file: /opt/so/conf/filebeat/etc/filebeat.yml

--- a/salt/filebeat/map.jinja
+++ b/salt/filebeat/map.jinja
@@ -0,0 +1,2 @@
+{% import_yaml 'filebeat/thirdpartydefaults.yaml' as TPDEFAULTS %}
+{% set THIRDPARTY = salt['pillar.get']('filebeat:third_party_filebeat', default=TPDEFAULTS.third_party_filebeat, merge=True) %}
--- a/salt/filebeat/thirdpartydefaults.yml
+++ b/salt/filebeat/thirdpartydefaults.yml
@@ -1,4 +1,4 @@
-thirtd_party_filebeat:
+third_party_filebeat:
  modules:
    fortinet:
      firewall: