trinitor/DetectionLab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

added Malcolm

Browse Source
This commit is contained in:
Trinitor
2021-08-06 10:35:01 +02:00
parent f043730066
commit 70f1922e80
751 changed files with 195277 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Vagrant/resources/malcolm/logstash/pipelines/external/00_config.conf
Vendored
+3
View File
@@ -0,0 +1,3 @@
queue.type: persisted
queue.max_bytes: 4gb
path.queue: "/logstash-persistent-queue"
Vagrant/resources/malcolm/logstash/pipelines/external/01_input_external_es.conf
Vendored
+6
View File
@@ -0,0 +1,6 @@
input {
pipeline {
address => "${ELASTICSEARCH_PIPELINE_ADDRESS_EXTERNAL:external-es}"
}
}
Vagrant/resources/malcolm/logstash/pipelines/external/99_elastic_output.conf
Vendored
+13
View File
@@ -0,0 +1,13 @@
output {
elasticsearch {
id => "output_external_elasticsearch_moloch"
hosts => "${ES_EXTERNAL_HOSTS}"
ssl => "${ES_EXTERNAL_SSL:true}"
ssl_certificate_verification => "${ES_EXTERNAL_SSL_CERTIFICATE_VERIFICATION:false}"
user => "${ES_EXTERNAL_USER:}"
password => "${ES_EXTERNAL_PASSWORD:}"
manage_template => false
index => "sessions2-%{+YYMMdd}"
document_id => "%{+YYMMdd}-%{zeekLogDocId}"
}
}