Bump Elastic Stack to 8.18.3

- Logstash: include syslog output plugin and config example

docker/elk/logstash/Dockerfile

@@ -1,6 +1,6 @@
 FROM ubuntu:24.04
 ENV DEBIAN_FRONTEND=noninteractive
-ENV LS_VER=8.18.2
+ENV LS_VER=8.18.3
 #
 # Include dist
 COPY dist/ /root/dist/
@@ -42,6 +42,7 @@ RUN apt-get update -y && \
     cp tpot-template.json /etc/logstash/ && \
     cd /usr/share/logstash && \
     bin/logstash-plugin update logstash-filter-translate && \
+	bin/logstash-plugin install logstash-output-syslog && \
     rm /etc/logstash/pipelines.yml && \
     rm /etc/logstash/logstash.yml && \
 #

docker/elk/logstash/dist/http_input.conf

@@ -17,5 +17,12 @@ output {
     template => "/etc/logstash/tpot-template.json"
     template_overwrite => "true"
   }
-
+  # Syslog Output Example
+  # syslog {
+  #   host => "192.168.1.1"
+  #   port => 514
+  #   protocol => tcp
+  #   appname => "logstash-logs"
+  #   severity => "6"
+  # }
 }

docker/elk/logstash/dist/logstash.conf

@@ -816,7 +816,14 @@ output {
     template => "/etc/logstash/tpot-template.json"
     template_overwrite => "true"
   }
-
+  # Syslog Output Example
+  # syslog {
+  #   host => "192.168.1.1"
+  #   port => 514
+  #   protocol => tcp
+  #   appname => "logstash-logs"
+  #   severity => "6"
+  # }
   #if [type] == "Suricata" {
   #    file {
   #      file_mode => 0770