CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
securityonion/salt/filebeat/securityoniondefaults.yaml
Mike Reeves 12d4d4a4f7 Dynamix Pipelines take 2
2021-06-10 09:19:15 -04:00

31 lines
965 B
YAML
Raw Permalink Blame History

{%- set ZEEKVER = salt['pillar.get']('global:mdengine', '') %}
{% set ZEEKLOGLOOKUP = {
'conn': 'connection',
} %}
securityonion_filebeat:
modules:
{%- if grains['role'] in ['so-manager', 'so-eval', 'so-managersearch', 'so-standalone','so-node', 'so-hotnode', 'so-warmnode', 'so-heavynode'] %}
elasticsearch:
server:
enabled: true
var.paths: ["/logs/elasticsearch/*.log"]
logstash:
log:
enabled: true
var.paths: ["/logs/logstash.log"]
{%- endif %}
{%- if grains['role'] in ['so-manager', 'so-eval', 'so-managersearch', 'so-standalone'] %}
kibana:
log:
enabled: true
var.paths: ["/logs/kibana/kibana.log"]
{%- endif %}
{%- if grains['role'] in ['so-manager', 'so-eval', 'so-managersearch', 'so-standalone', 'so-heavynode'] %}
redis:
log:
enabled: true
var.paths: ["/logs/redis.log"]
slowlog:
enabled: false
{%- endif %}
Reference in New Issue View Git Blame Copy Permalink