firewall: hostgroups: analyst: [] anywhere: - 0.0.0.0/0 beats_endpoint: [] beats_endpoint_ssl: [] dockernet: [] elastic_agent_endpoint: [] elasticsearch_rest: [] endgame: [] eval: [] fleet: [] heavynode: [] idh: [] import: [] localhost: - 127.0.0.1 manager: [] managersearch: [] receiver: [] searchnode: [] self: [] sensor: [] standalone: [] strelka_frontend: [] syslog: [] desktop: [] customhostgroup0: [] customhostgroup1: [] customhostgroup2: [] customhostgroup3: [] customhostgroup4: [] customhostgroup5: [] customhostgroup6: [] customhostgroup7: [] customhostgroup8: [] customhostgroup9: [] portgroups: all: tcp: - '0:65535' udp: - '0:65535' beats_5044: tcp: - 5044 udp: [] beats_5644: tcp: - 5644 udp: [] beats_5066: tcp: - 5066 udp: [] beats_5056: tcp: - 5056 udp: [] docker_registry: tcp: - 5000 udp: [] elasticsearch_node: tcp: - 9300 udp: [] elasticsearch_rest: tcp: - 9200 udp: [] elastic_agent_control: tcp: - 8220 udp: [] elastic_agent_data: tcp: - 5055 udp: [] elastic_agent_update: tcp: - 8443 udp: [] endgame: tcp: - 3765 udp: [] influxdb: tcp: - 8086 udp: [] kafka_controller: tcp: - 9093 udp: [] kafka_data: tcp: - 9092 udp: [] kibana: tcp: - 5601 udp: [] localrules: tcp: - 7788 udp: [] nginx: tcp: - 80 - 443 udp: [] redis: tcp: - 6379 - 9696 salt_manager: tcp: - 4505 - 4506 udp: [] sensoroni: tcp: - 443 udp: [] ssh: tcp: - 22 udp: [] strelka_frontend: tcp: - 57314 udp: [] syslog: tcp: - 514 udp: - 514 yum: tcp: - 443 udp: [] customportgroup0: tcp: [] udp: [] customportgroup1: tcp: [] udp: [] customportgroup2: tcp: [] udp: [] customportgroup3: tcp: [] udp: [] customportgroup4: tcp: [] udp: [] customportgroup5: tcp: [] udp: [] customportgroup6: tcp: [] udp: [] customportgroup7: tcp: [] udp: [] customportgroup8: tcp: [] udp: [] customportgroup9: tcp: [] udp: [] role: eval: chain: DOCKER-USER: hostgroups: eval: portgroups: - kibana - redis - influxdb - elasticsearch_rest - elasticsearch_node - localrules sensor: portgroups: - beats_5044 - beats_5644 searchnode: portgroups: - redis - elasticsearch_node heavynode: portgroups: - redis - elasticsearch_node beats_endpoint: portgroups: - beats_5044 beats_endpoint_ssl: portgroups: - beats_5644 elasticsearch_rest: portgroups: - elasticsearch_rest elastic_agent_endpoint: portgroups: - elastic_agent_control - elastic_agent_data - elastic_agent_update strelka_frontend: portgroups: - strelka_frontend analyst: portgroups: - nginx customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] INPUT: hostgroups: anywhere: portgroups: - ssh dockernet: portgroups: - all localhost: portgroups: - all self: portgroups: - syslog syslog: portgroups: - syslog customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] fleet: chain: DOCKER-USER: hostgroups: sensor: portgroups: - elastic_agent_control - elastic_agent_data - elastic_agent_update elastic_agent_endpoint: portgroups: - elastic_agent_control - elastic_agent_data - elastic_agent_update desktop: portgroups: - elastic_agent_control - elastic_agent_data - elastic_agent_update customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] INPUT: hostgroups: anywhere: portgroups: - ssh dockernet: portgroups: - all localhost: portgroups: - all standalone: portgroups: - salt_manager sensor: portgroups: - salt_manager searchnode: portgroups: - salt_manager heavynode: portgroups: - salt_manager customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] manager: chain: DOCKER-USER: hostgroups: manager: portgroups: - kibana - redis - influxdb - elasticsearch_rest - elasticsearch_node - docker_registry - elastic_agent_control - elastic_agent_data - elastic_agent_update - localrules - sensoroni fleet: portgroups: - elasticsearch_rest - docker_registry - influxdb - sensoroni - yum - beats_5044 - beats_5644 - beats_5056 - elastic_agent_control - elastic_agent_data - elastic_agent_update idh: portgroups: - docker_registry - influxdb - sensoroni - yum - beats_5044 - beats_5644 - elastic_agent_control - elastic_agent_data - elastic_agent_update sensor: portgroups: - beats_5044 - beats_5644 - elastic_agent_control - elastic_agent_data - elastic_agent_update - yum - docker_registry - influxdb - sensoroni searchnode: portgroups: - redis - elasticsearch_rest - elasticsearch_node - beats_5644 - yum - docker_registry - influxdb - elastic_agent_control - elastic_agent_data - elastic_agent_update - sensoroni heavynode: portgroups: - redis - elasticsearch_rest - elasticsearch_node - beats_5644 - yum - docker_registry - influxdb - elastic_agent_control - elastic_agent_data - elastic_agent_update - sensoroni receiver: portgroups: - yum - docker_registry - influxdb - elastic_agent_control - elastic_agent_data - elastic_agent_update - sensoroni analyst: portgroups: - nginx beats_endpoint: portgroups: - beats_5044 beats_endpoint_ssl: portgroups: - beats_5644 elasticsearch_rest: portgroups: - elasticsearch_rest elastic_agent_endpoint: portgroups: - elastic_agent_control - elastic_agent_data - elastic_agent_update endgame: portgroups: - endgame desktop: portgroups: - docker_registry - influxdb - sensoroni - yum - elastic_agent_control - elastic_agent_data - elastic_agent_update customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] INPUT: hostgroups: anywhere: portgroups: - ssh dockernet: portgroups: - all fleet: portgroups: - salt_manager idh: portgroups: - salt_manager localhost: portgroups: - all sensor: portgroups: - salt_manager searchnode: portgroups: - salt_manager heavynode: portgroups: - salt_manager receiver: portgroups: - salt_manager desktop: portgroups: - salt_manager self: portgroups: - syslog syslog: portgroups: - syslog customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] managersearch: chain: DOCKER-USER: hostgroups: managersearch: portgroups: - kibana - redis - influxdb - elasticsearch_rest - elasticsearch_node - docker_registry - elastic_agent_control - elastic_agent_data - elastic_agent_update - localrules - sensoroni fleet: portgroups: - elasticsearch_rest - docker_registry - influxdb - sensoroni - yum - beats_5044 - beats_5644 - beats_5056 - elastic_agent_control - elastic_agent_data - elastic_agent_update idh: portgroups: - docker_registry - influxdb - sensoroni - yum - beats_5044 - beats_5644 - elastic_agent_control - elastic_agent_data - elastic_agent_update sensor: portgroups: - beats_5044 - beats_5644 - elastic_agent_control - elastic_agent_data - elastic_agent_update - yum - docker_registry - influxdb - sensoroni searchnode: portgroups: - redis - elasticsearch_rest - elasticsearch_node - yum - docker_registry - influxdb - elastic_agent_control - elastic_agent_data - elastic_agent_update - sensoroni heavynode: portgroups: - redis - elasticsearch_rest - elasticsearch_node - yum - docker_registry - influxdb - elastic_agent_control - elastic_agent_data - elastic_agent_update - sensoroni receiver: portgroups: - yum - docker_registry - influxdb - elastic_agent_control - elastic_agent_data - elastic_agent_update - sensoroni analyst: portgroups: - nginx beats_endpoint: portgroups: - beats_5044 beats_endpoint_ssl: portgroups: - beats_5644 elasticsearch_rest: portgroups: - elasticsearch_rest elastic_agent_endpoint: portgroups: - elastic_agent_control - elastic_agent_data - elastic_agent_update endgame: portgroups: - endgame desktop: portgroups: - docker_registry - influxdb - sensoroni - yum - elastic_agent_control - elastic_agent_data - elastic_agent_update customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] INPUT: hostgroups: anywhere: portgroups: - ssh dockernet: portgroups: - all fleet: portgroups: - salt_manager idh: portgroups: - salt_manager localhost: portgroups: - all sensor: portgroups: - salt_manager searchnode: portgroups: - salt_manager heavynode: portgroups: - salt_manager receiver: portgroups: - salt_manager desktop: portgroups: - salt_manager self: portgroups: - syslog syslog: portgroups: - syslog customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] standalone: chain: DOCKER-USER: hostgroups: localhost: portgroups: - all standalone: portgroups: - kibana - redis - influxdb - elasticsearch_rest - elasticsearch_node - docker_registry - sensoroni - yum - beats_5044 - beats_5644 - beats_5056 - elasticsearch_node - elastic_agent_control - elastic_agent_data - elastic_agent_update - endgame - strelka_frontend - localrules fleet: portgroups: - elasticsearch_rest - docker_registry - influxdb - sensoroni - yum - beats_5044 - beats_5644 - beats_5056 - elastic_agent_control - elastic_agent_data - elastic_agent_update idh: portgroups: - docker_registry - influxdb - sensoroni - yum - beats_5044 - beats_5644 - elastic_agent_control - elastic_agent_data - elastic_agent_update sensor: portgroups: - docker_registry - influxdb - sensoroni - yum - beats_5044 - beats_5644 - elastic_agent_control - elastic_agent_data - elastic_agent_update searchnode: portgroups: - docker_registry - influxdb - sensoroni - yum - redis - elasticsearch_rest - elasticsearch_node heavynode: portgroups: - docker_registry - influxdb - sensoroni - yum - redis - elasticsearch_rest - elasticsearch_node receiver: portgroups: - yum - docker_registry - influxdb - elastic_agent_control - elastic_agent_data - elastic_agent_update - sensoroni analyst: portgroups: - nginx beats_endpoint: portgroups: - beats_5044 beats_endpoint_ssl: portgroups: - beats_5644 elasticsearch_rest: portgroups: - elasticsearch_rest elastic_agent_endpoint: portgroups: - elastic_agent_control - elastic_agent_data - elastic_agent_update endgame: portgroups: - endgame strelka_frontend: portgroups: - strelka_frontend desktop: portgroups: - docker_registry - influxdb - sensoroni - yum - elastic_agent_control - elastic_agent_data - elastic_agent_update customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] INPUT: hostgroups: anywhere: portgroups: - ssh dockernet: portgroups: - all fleet: portgroups: - salt_manager idh: portgroups: - salt_manager localhost: portgroups: - all standalone: portgroups: - salt_manager sensor: portgroups: - salt_manager searchnode: portgroups: - salt_manager heavynode: portgroups: - salt_manager receiver: portgroups: - salt_manager desktop: portgroups: - salt_manager self: portgroups: - syslog syslog: portgroups: - syslog customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] searchnode: chain: DOCKER-USER: hostgroups: manager: portgroups: - elasticsearch_node - elasticsearch_rest managersearch: portgroups: - elasticsearch_node - elasticsearch_rest standalone: portgroups: - elasticsearch_node - elasticsearch_rest dockernet: portgroups: - elasticsearch_node - elasticsearch_rest elasticsearch_rest: portgroups: - elasticsearch_rest searchnode: portgroups: - elasticsearch_node customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] INPUT: hostgroups: anywhere: portgroups: - ssh dockernet: portgroups: - all localhost: portgroups: - all self: portgroups: - syslog syslog: portgroups: - syslog customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] sensor: chain: DOCKER-USER: hostgroups: strelka_frontend: portgroups: - strelka_frontend customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] INPUT: hostgroups: anywhere: portgroups: - ssh dockernet: portgroups: - all localhost: portgroups: - all self: portgroups: - syslog syslog: portgroups: - syslog customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] heavynode: chain: DOCKER-USER: hostgroups: manager: portgroups: - elasticsearch_node - elasticsearch_rest managersearch: portgroups: - elasticsearch_node - elasticsearch_rest standalone: portgroups: - elasticsearch_node - elasticsearch_rest dockernet: portgroups: - elasticsearch_node - elasticsearch_rest elasticsearch_rest: portgroups: - elasticsearch_rest self: portgroups: - syslog - elasticsearch_node - elasticsearch_rest strelka_frontend: portgroups: - strelka_frontend syslog: portgroups: - syslog customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] INPUT: hostgroups: anywhere: portgroups: - ssh dockernet: portgroups: - all localhost: portgroups: - all self: portgroups: - syslog syslog: portgroups: - syslog customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] import: chain: DOCKER-USER: hostgroups: manager: portgroups: - kibana - redis - influxdb - elasticsearch_rest - elasticsearch_node - elastic_agent_control - localrules sensor: portgroups: - beats_5044 - beats_5644 searchnode: portgroups: - redis - elasticsearch_node beats_endpoint: portgroups: - beats_5044 beats_endpoint_ssl: portgroups: - beats_5644 elasticsearch_rest: portgroups: - elasticsearch_rest elastic_agent_endpoint: portgroups: - elastic_agent_control - elastic_agent_data - elastic_agent_update analyst: portgroups: - nginx customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] INPUT: hostgroups: anywhere: portgroups: - ssh dockernet: portgroups: - all localhost: portgroups: - all customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] receiver: chain: DOCKER-USER: hostgroups: desktop: portgroups: - elastic_agent_data fleet: portgroups: - elastic_agent_data idh: portgroups: - elastic_agent_data sensor: portgroups: - elastic_agent_data searchnode: portgroups: - redis - elastic_agent_data standalone: portgroups: - redis - elastic_agent_data manager: portgroups: - elastic_agent_data managersearch: portgroups: - redis - elastic_agent_data self: portgroups: - redis - elastic_agent_data beats_endpoint: portgroups: - beats_5044 beats_endpoint_ssl: portgroups: - beats_5644 elastic_agent_endpoint: portgroups: - elastic_agent_data endgame: portgroups: - endgame receiver: portgroups: [] customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] INPUT: hostgroups: anywhere: portgroups: - ssh dockernet: portgroups: - all localhost: portgroups: - all self: portgroups: - syslog syslog: portgroups: - syslog customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] idh: chain: DOCKER-USER: hostgroups: customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: [] INPUT: hostgroups: anywhere: portgroups: [] dockernet: portgroups: - all localhost: portgroups: - all manager: portgroups: - openssh managersearch: portgroups: - openssh standalone: portgroups: - openssh customhostgroup0: portgroups: [] customhostgroup1: portgroups: [] customhostgroup2: portgroups: [] customhostgroup3: portgroups: [] customhostgroup4: portgroups: [] customhostgroup5: portgroups: [] customhostgroup6: portgroups: [] customhostgroup7: portgroups: [] customhostgroup8: portgroups: [] customhostgroup9: portgroups: []