CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-05-09 12:52:38 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
fix/import-postgres-firewall
securityonion/salt/telegraf/soc_telegraf.yaml
T
Mike Reeves 3ecd19d085 Move telegraf_output from global pillar to telegraf pillar 
The Telegraf backend selector lived at global.telegraf_output but it is
a Telegraf-scoped setting, not a cross-cutting grid global. Move both
the value and the UI annotation under the telegraf pillar so it shows
up alongside the other Telegraf tuning knobs in the Configuration UI.

- salt/telegraf/defaults.yaml:    add telegraf.output: BOTH
- salt/telegraf/soc_telegraf.yaml: add telegraf.output annotation
- salt/global/defaults.yaml:      remove global.telegraf_output
- salt/global/soc_global.yaml:    remove global.telegraf_output annotation
- salt/vars/globals.map.jinja:    drop telegraf_output from GLOBALS
- salt/firewall/map.jinja:        read via pillar.get('telegraf:output')
- salt/postgres/telegraf_users.sls: read via pillar.get('telegraf:output')
- salt/telegraf/etc/telegraf.conf: read via TELEGRAFMERGED.output
- salt/postgres/tools/sbin/so-stats-show: update user-facing docs

No behavioral change — default stays BOTH.
2026-04-20 16:03:02 -04:00

74 lines
2.2 KiB
YAML
Raw Permalink Blame History

telegraf:
enabled:
description: Enables the grid metrics collection process. WARNING - Security Onion grid health monitoring requires this process to remain enabled. Disabling it will cause unexpected and unsupported results.
forcedType: bool
advanced: True
helpLink: influxdb
output:
description: Selects the backend(s) Telegraf writes metrics to. INFLUXDB keeps the current behavior; POSTGRES writes to the grid's Postgres instance; BOTH dual-writes for migration validation.
options:
- INFLUXDB
- POSTGRES
- BOTH
global: True
advanced: True
helpLink: influxdb
config:
interval:
description: Data collection interval.
global: True
helpLink: influxdb
metric_batch_size:
description: Data collection batch size.
global: True
advanced: True
helpLink: influxdb
metric_buffer_limit:
description: Data collection buffer size.
global: True
advanced: True
helpLink: influxdb
collection_jitter:
description: Jitter of the flush interval.
global: True
advanced: True
helpLink: influxdb
flush_interval:
description: Flush interval for all outputs.
global: True
advanced: True
helpLink: influxdb
flush_jitter:
description: Jitter the flush interval.
global: True
advanced: True
helpLink: influxdb
debug:
description: Run telegraf with debug log messages
forcedType: bool
advanced: True
helpLink: influxdb
quiet:
description: Run telegraf in quiet mode (error log messages only).
forcedType: bool
advanced: True
helpLink: influxdb
scripts:
eval: &telegrafscripts
description: List of input.exec scripts to run for this node type. The script must be present in salt/telegraf/scripts.
forcedType: "[]string"
multiline: True
advanced: True
helpLink: influxdb
standalone: *telegrafscripts
manager: *telegrafscripts
managersearch: *telegrafscripts
import: *telegrafscripts
sensor: *telegrafscripts
heavynode: *telegrafscripts
idh: *telegrafscripts
searchnode: *telegrafscripts
receiver: *telegrafscripts
fleet: *telegrafscripts
desktop: *telegrafscripts
Reference in New Issue View Git Blame Copy Permalink