mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-15 21:52:47 +01:00
# Filebeat module settings for the platform's own services (Elasticsearch,
# Logstash, Kibana, Redis). Each group below is rendered only when the Salt
# grain `role` exactly matches one of the node types in its list.
#
# NOTE(review): the role lists are repeated string literals. A role that is
# missing or misspelled in a list raises no error; that node type simply ships
# no logs for the service, leaving a gap in the platform's self-monitoring.
# When adding a node type, check every list in this file.
#
# NOTE(review): ZEEKLOGLOOKUP is not referenced anywhere in this file;
# presumably a template that imports this file reads it. Confirm before
# changing or removing it.
{% set ZEEKLOGLOOKUP = {
  'conn': 'connection',
} %}
securityonion_filebeat:
  modules:
    {%- if grains['role'] in ['so-manager', 'so-eval', 'so-managersearch', 'so-standalone','so-searchnode', 'so-hotnode', 'so-warmnode', 'so-heavynode'] %}
    # Manager, search and heavy node roles: Elasticsearch server log and
    # Logstash log.
    # Paths are as seen by the Filebeat process; presumably mount points for
    # the host log directories. Verify against the container definition.
    elasticsearch:
      server:
        enabled: true
        # NOTE(review): the glob matches every *.log file in the directory and
        # hands it to the `server` fileset. If other Elasticsearch logs
        # (deprecation, slow log, GC) are written there with a .log suffix,
        # they are parsed as server logs too. Confirm that is intended.
        var.paths: ["/logs/elasticsearch/*.log"]
    logstash:
      log:
        enabled: true
        var.paths: ["/logs/logstash.log"]
    {%- endif %}
    {%- if grains['role'] in ['so-manager', 'so-eval', 'so-managersearch', 'so-standalone'] %}
    # Manager-type roles only: Kibana log.
    kibana:
      log:
        enabled: true
        var.paths: ["/logs/kibana/kibana.log"]
    {%- endif %}
    {%- if grains['role'] in ['so-manager', 'so-eval', 'so-managersearch', 'so-standalone', 'so-heavynode'] %}
    # Manager-type roles and heavy nodes: Redis log.
    redis:
      log:
        enabled: true
        var.paths: ["/logs/redis.log"]
      # The slowlog fileset is switched off; only the Redis log file above is
      # collected.
      slowlog:
        enabled: false
    {%- endif %}