trinitor/log_collection_docker
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
Trinitor
2022-12-27 21:59:06 +01:00
commit 7ae0b00241
29 changed files with 1157 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
data/syslog-filebeat/config/filebeat.yml Normal file
View File

@@ -0,0 +1,51 @@
# for more modules visit https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-modules-overview.html
filebeat.inputs:
- type: udp
max_message_size: 10KiB
host: "0.0.0.0:514"
tags: ["udp-514"]
- type: tcp
max_message_size: 10MiB
host: "0.0.0.0:514"
tags: ["tcp-514"]
filebeat.modules:
#- module: cisco
# asa:
# var.syslog_host: 0.0.0.0
# var.syslog_port: 9001
# var.log_level: 5
#
#- module: cisco
# ios:
# var.syslog_host: 0.0.0.0
# var.syslog_port: 9002
# var.log_level: 5
#
#- module: cef
# log:
# var.syslog_host: 0.0.0.0
# var.syslog_port: 9003
#
#- module: checkpoint
# firewall:
# var.syslog_host: 0.0.0.0
# var.syslog_port: 9004
#
- module: netflow
log:
enabled: true
var:
netflow_host: 0.0.0.0
netflow_port: 2055
tags: ["netflow"]
#- module: snort
# snort:
# var.syslog_host: 0.0.0.0
# var.syslog_port: 9532
output.logstash:
enabled: true
hosts: ["${LOGSTASH_HOST}"]