CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-15 21:52:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
94fe456e28bea732c7c0ffbb607ab6fa4cf9bafd
securityonion/salt/logstash/soc_logstash.yaml
m0duspwnens 7a4fea7a12 fix nginx merge conflicts
2023-05-15 11:40:12 -04:00

69 lines
2.2 KiB
YAML
Raw Blame History

logstash:
enabled:
description: You can enable or disable Logstash.
helpLink: logstash.html
assigned_pipelines:
roles:
standalone: &assigned_pipelines
description: List of defined pipelines to add to this role.
advanced: True
helpLink: logstash.html
multiline: True
forcedType: "[]string"
receiver: *assigned_pipelines
heavynode: *assigned_pipelines
searchnode: *assigned_pipelines
manager: *assigned_pipelines
managersearch: *assigned_pipelines
fleet: *assigned_pipelines
defined_pipelines:
receiver: &defined_pipelines
description: List of pipeline configurations assign to this group.
advanced: True
helpLink: logstash.html
multiline: True
forcedType: "[]string"
fleet: *defined_pipelines
manager: *defined_pipelines
search: *defined_pipelines
custom0: *defined_pipelines
custom1: *defined_pipelines
custom2: *defined_pipelines
custom3: *defined_pipelines
custom4: *defined_pipelines
settings:
lsheap:
description: Heap size to use for logstash
helpLink: logstash.html
global: False
config:
http_x_host:
description: Host interface to listen to connections.
helpLink: logstash.html
readonly: True
advanced: True
path_x_logs:
description: Path inside the container to wrote logs.
helpLink: logstash.html
readonly: True
advanced: True
pipeline_x_workers:
description: Number of worker threads to process events in logstash.
helpLink: logstash.html
global: False
pipeline_x_batch_x_size:
description: Logstash batch size.
helpLink: logstash.html
global: False
pipeline_x_ecs_compatibility:
description: Sets ECS compatibility. This is set per pipeline so you should never need to change this.
helpLink: logstash.html
readonly: True
advanced: True
dmz_nodes:
description: "List of receiver nodes in DMZs. Prevents sensors from sending to these receivers. Primarily used for external Elastic agents."
helpLink: logstash.html
multiline: True
advanced: True
forcedType: "[]string"
Reference in New Issue View Git Blame Copy Permalink