telekom-security/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-07-02 01:27:27 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
175e1944c2fe33cb6742d481a494518d565081d4
tpotce/docker/elk/logstash/dist/http_input.conf

29 lines
698 B
Plaintext
Raw Normal View History

tweaking
2021-12-08 23:55:13 +00:00
# Input section
input {
http {
id => "tpot"
host => "0.0.0.0"
tweaking, add sentrypeer to logstash config
2022-02-24 17:39:57 +00:00
port => "64305"
finetune logstash image and compose settings
2022-03-31 14:46:56 +00:00
ecs_compatibility => disabled
tweaking
2021-12-08 23:55:13 +00:00
}
}
# Output section
output {
elasticsearch {
hosts => ["elasticsearch:9200"]
Tweaking Remove Elasticsearch-Curator in packages, configs and references (BREAKING CHANGE) Add Index Lifecycle Management in favor of elasticsearch-curator Point all images to 2203 tags
2022-01-14 15:52:08 +00:00
# With templates now being legacy we need to set the daily index with its template manually. Otherwise a new index might be created with differents settings configured through Kibana.
tweaking
2021-12-08 23:55:13 +00:00
index => "logstash-%{+YYYY.MM.dd}"
bump elastic stack to 8.0.0
2022-02-16 02:55:20 +00:00
template => "/etc/logstash/tpot-template.json"
Tweaking Remove Elasticsearch-Curator in packages, configs and references (BREAKING CHANGE) Add Index Lifecycle Management in favor of elasticsearch-curator Point all images to 2203 tags
2022-01-14 15:52:08 +00:00
template_overwrite => "true"
tweaking
2021-12-08 23:55:13 +00:00
}
Bump Elastic Stack to 8.18.3 - Logstash: include syslog output plugin and config example
2025-06-30 16:06:45 +02:00
# Syslog Output Example
# syslog {
# host => "192.168.1.1"
# port => 514
# protocol => tcp
# appname => "logstash-logs"
# severity => "6"
# }
tweaking
2021-12-08 23:55:13 +00:00
}
Reference in New Issue Copy Permalink