telekom-security/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-07-02 01:27:27 -04:00
Code Issues Packages Projects Releases Wiki Activity

prep for elk 7.9

Browse Source
This commit is contained in:
t3chn0m4g3
2020-08-24 10:35:46 +00:00
parent c1f7146800
commit 5080151b7c
6 changed files with 26 additions and 178 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docker/elk/logstash/dist/logstash.conf vendored
View File

@ -534,8 +534,9 @@ if "_grokparsefailure" in [tags] { drop {} }
output {
elasticsearch {
hosts => ["elasticsearch:9200"]
# With ILM in place we need to set the daily index manually, if not => FUBAR
# With templates now being legacy and ILM in place we need to set the daily index with its template manually. Otherwise a new index might be created with differents settings configured through Kibana.
index => "logstash-%{+YYYY.MM.dd}"
template => "/etc/logstash/tpot_es_template.json"
# document_type => "doc"
}