mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-06 09:12:45 +01:00
108 lines
2.7 KiB
JSON
108 lines
2.7 KiB
JSON
{
|
|
"package": {
|
|
"name": "elasticsearch",
|
|
"version": ""
|
|
},
|
|
"name": "elasticsearch-logs",
|
|
"namespace": "default",
|
|
"description": "Elasticsearch Logs",
|
|
"policy_id": "so-grid-nodes_general",
|
|
"inputs": {
|
|
"elasticsearch-logfile": {
|
|
"enabled": true,
|
|
"streams": {
|
|
"elasticsearch.audit": {
|
|
"enabled": false,
|
|
"vars": {
|
|
"paths": [
|
|
"/var/log/elasticsearch/*_audit.json"
|
|
]
|
|
}
|
|
},
|
|
"elasticsearch.deprecation": {
|
|
"enabled": false,
|
|
"vars": {
|
|
"paths": [
|
|
"/var/log/elasticsearch/*_deprecation.json"
|
|
]
|
|
}
|
|
},
|
|
"elasticsearch.gc": {
|
|
"enabled": false,
|
|
"vars": {
|
|
"paths": [
|
|
"/var/log/elasticsearch/gc.log.[0-9]*",
|
|
"/var/log/elasticsearch/gc.log"
|
|
]
|
|
}
|
|
},
|
|
"elasticsearch.server": {
|
|
"enabled": true,
|
|
"vars": {
|
|
"paths": [
|
|
"/opt/so/log/elasticsearch/*.json"
|
|
]
|
|
}
|
|
},
|
|
"elasticsearch.slowlog": {
|
|
"enabled": false,
|
|
"vars": {
|
|
"paths": [
|
|
"/var/log/elasticsearch/*_index_search_slowlog.json",
|
|
"/var/log/elasticsearch/*_index_indexing_slowlog.json"
|
|
]
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"elasticsearch-elasticsearch/metrics": {
|
|
"enabled": false,
|
|
"vars": {
|
|
"hosts": [
|
|
"http://localhost:9200"
|
|
],
|
|
"scope": "node"
|
|
},
|
|
"streams": {
|
|
"elasticsearch.stack_monitoring.ccr": {
|
|
"enabled": false
|
|
},
|
|
"elasticsearch.stack_monitoring.cluster_stats": {
|
|
"enabled": false
|
|
},
|
|
"elasticsearch.stack_monitoring.enrich": {
|
|
"enabled": false
|
|
},
|
|
"elasticsearch.stack_monitoring.index": {
|
|
"enabled": false
|
|
},
|
|
"elasticsearch.stack_monitoring.index_recovery": {
|
|
"enabled": false,
|
|
"vars": {
|
|
"active.only": true
|
|
}
|
|
},
|
|
"elasticsearch.stack_monitoring.index_summary": {
|
|
"enabled": false
|
|
},
|
|
"elasticsearch.stack_monitoring.ml_job": {
|
|
"enabled": false
|
|
},
|
|
"elasticsearch.stack_monitoring.node": {
|
|
"enabled": false
|
|
},
|
|
"elasticsearch.stack_monitoring.node_stats": {
|
|
"enabled": false
|
|
},
|
|
"elasticsearch.stack_monitoring.pending_tasks": {
|
|
"enabled": false
|
|
},
|
|
"elasticsearch.stack_monitoring.shard": {
|
|
"enabled": false
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"force": true
|
|
}
|