177 lines
No EOL
4.9 KiB
Django/Jinja
177 lines
No EOL
4.9 KiB
Django/Jinja
# {{ ansible_managed }}
|
|
#=========================== Filebeat inputs =============================
|
|
filebeat.inputs:
|
|
- type: log
|
|
enabled: false
|
|
paths:
|
|
- /var/log/*.log
|
|
{% if groups["veza_app_gen_2"] is defined and ansible_hostname in groups["veza_app_gen_2"] and filebeat_enable_test_config %}
|
|
- type: filestream
|
|
id: talas-tomcat-accesslog
|
|
enabled: true
|
|
tags:
|
|
- talas_tomcat_accesslog
|
|
paths:
|
|
- /applications/tomcat/logs/*.txt
|
|
- type: filestream
|
|
id: talas-veza-app
|
|
enabled: true
|
|
tags:
|
|
- talas_veza_app
|
|
paths:
|
|
- /applications/logs/cos-veza/*/LOG/log.log
|
|
multiline.pattern: '^\[[0-9]{4}-[0-9]{2}-[0-9]{2}'
|
|
multiline.negate: true
|
|
multiline.match: after
|
|
{% endif %}
|
|
{% if filebeat_ingest_firewall %}
|
|
- type: filestream
|
|
id: talas-firewall
|
|
enabled: true
|
|
tags:
|
|
- talas_firewall
|
|
paths:
|
|
- /var/log/ulog/*.log
|
|
processors:
|
|
- add_locale: ~
|
|
{% endif %}
|
|
{% if filebeat_ingest_keycloak %}
|
|
- type: filestream
|
|
id: talas-keycloak
|
|
enabled: true
|
|
tags:
|
|
- talas_keycloak
|
|
paths:
|
|
- /var/log/keycloak/keycloak.log
|
|
{% endif %}
|
|
{% if haproxy_present %}
|
|
- type: filestream
|
|
id: talas-haproxy-http
|
|
enabled: true
|
|
tags:
|
|
- talas_haproxy_http
|
|
paths:
|
|
- /var/log/haproxy/http.log
|
|
- type: filestream
|
|
id: talas-haproxy-tcp
|
|
enabled: true
|
|
tags:
|
|
- talas_haproxy_tcp
|
|
paths:
|
|
- /var/log/haproxy/tcp.log
|
|
{% if haproxy_present %}
|
|
- type: filestream
|
|
id: talas-haproxy-spoe
|
|
enabled: true
|
|
tags:
|
|
- talas_haproxy_spoe
|
|
paths:
|
|
- /var/log/haproxy/spoe.log
|
|
{% endif %}
|
|
{% endif %}
|
|
#============================= Filebeat modules ===============================
|
|
filebeat.config.modules:
|
|
path: ${path.config}/modules.d/*.yml
|
|
reload.enabled: false
|
|
#==================== Elasticsearch template setting ==========================
|
|
setup.template.settings:
|
|
index.number_of_shards: 1
|
|
#================================ General =====================================
|
|
name: {{ ansible_hostname }}
|
|
{% if filebeat_setup_kibana_host is defined %}
|
|
#============================== Kibana =====================================
|
|
setup.kibana:
|
|
host: "{{ filebeat_setup_kibana_host }}"
|
|
{% endif %}
|
|
#================================ Outputs =====================================
|
|
output.elasticsearch:
|
|
hosts: [ "{{ filebeat_output_elasticsearch_hosts | join('", "') }}" ]
|
|
|
|
protocol: "{{ filebeat_output_elasticsearch_protocol | default('https') }}"
|
|
username: "{{ ansible_hostname }}"
|
|
password: "{{ ldappass }}"
|
|
pipelines:
|
|
- pipeline: "talas_tomcat_accesslog"
|
|
when:
|
|
contains:
|
|
tags: "talas_tomcat_accesslog"
|
|
- pipeline: "talas_veza_app"
|
|
when:
|
|
contains:
|
|
tags: "talas_veza_app"
|
|
- pipeline: "talas_samba_veza"
|
|
when:
|
|
contains:
|
|
tags: "talas_samba_veza"
|
|
- pipeline: "talas_samba_auditlog"
|
|
when:
|
|
contains:
|
|
tags: "talas_samba_auditlog"
|
|
- pipeline: "talas_firewall"
|
|
when:
|
|
contains:
|
|
tags: "talas_firewall"
|
|
- pipeline: "talas_keycloak_json"
|
|
when:
|
|
contains:
|
|
tags: "talas_keycloak"
|
|
{% if haproxy_present %}
|
|
- pipeline: "talas_haproxy_http"
|
|
when:
|
|
contains:
|
|
tags: "talas_haproxy_http"
|
|
- pipeline: "talas_haproxy_tcp"
|
|
when:
|
|
contains:
|
|
tags: "talas_haproxy_tcp"
|
|
{% if haproxy_present %}
|
|
- pipeline: "talas_haproxy_spoe"
|
|
when:
|
|
contains:
|
|
tags: "talas_haproxy_spoe"
|
|
{% endif %}
|
|
{% endif %}
|
|
indices:
|
|
{% if filebeat_separate_system_logs %}
|
|
- index: "logs-{{ talas_project | default('infra') }}-{{ talas_group | default('default') }}"
|
|
when:
|
|
or:
|
|
- equals:
|
|
event.module: "apache"
|
|
- equals:
|
|
event.module: "haproxy"
|
|
- contains:
|
|
tags: "talas_tomcat_accesslog"
|
|
- contains:
|
|
tags: "talas_samba_veza"
|
|
- contains:
|
|
tags: "talas_samba_auditlog"
|
|
- contains:
|
|
tags: "talas_firewall"
|
|
- contains:
|
|
tags: "talas_keycloak"
|
|
{% if haproxy_present %}
|
|
- contains:
|
|
tags: "talas_haproxy_http"
|
|
- contains:
|
|
tags: "talas_haproxy_tcp"
|
|
{% if haproxy_present %}
|
|
- contains:
|
|
tags: "talas_haproxy_spoe"
|
|
{% endif %}
|
|
{% endif %}
|
|
- index: "logs-infra-system"
|
|
{% else %}
|
|
- index: "logs-{{ talas_project | default('infra') }}-{{ talas_group | default('default') }}"
|
|
{% endif %}
|
|
#================================ Processors =====================================
|
|
processors:
|
|
- add_host_metadata: ~
|
|
#================================ Logging =====================================
|
|
logging.level: {{ filebeat_logging_level }}
|
|
logging.to_files: true
|
|
logging.files:
|
|
path: /var/log/filebeat
|
|
name: filebeat
|
|
keepfiles: 7
|
|
permissions: 0600 |