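input {
  file {
    # File input plugin reference:
    # https://www.elastic.co/guide/en/logstash/current/plugins-inputs-file.html
    #
    # "tail" is the plugin default and assumes more data will be appended to
    # each file. Change to mode => "read" if the files are complete. In read
    # mode the file is deleted by default once reading is complete -- back up
    # your files if you need them.
    mode => "tail"
    # NOTE(review): in tail mode a file seen for the first time is read from
    # its end by default (start_position), so lines already present when
    # Logstash first discovers the file are not ingested -- confirm this is
    # intended for the logs collected here.
    #
    # The glob matches every file in the directory, so whatever can write to
    # ingest_data can feed events into this pipeline; keep write access to
    # that directory (or volume) restricted to the log producer.
    path => "/usr/share/logstash/ingest_data/*"
  }
}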
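filter {
  # Intentionally empty: no filter plugins are configured, so events reach the
  # output as the file input produced them (no parsing or field extraction).
}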
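output {
  elasticsearch {
    # One index per day; the date suffix is formatted from the event's
    # @timestamp.
    index => "logstash-%{+YYYY.MM.dd}"
    # Endpoint and credentials are substituted at startup from the environment
    # (or the Logstash keystore), so no secret is stored in this file.
    hosts => "${ELASTIC_HOSTS}"
    # NOTE(review): prefer a dedicated account limited to writing the
    # logstash-* indices over a superuser account -- confirm which user
    # ELASTIC_USER names in the deployment.
    user => "${ELASTIC_USER}"
    password => "${ELASTIC_PASSWORD}"
    # CA certificate used to verify the Elasticsearch server certificate.
    # It only has an effect when ELASTIC_HOSTS holds https:// URLs; with
    # http:// the user and password above would cross the network
    # unencrypted -- verify the value supplied by the environment.
    # The path is relative; presumably resolved against the Logstash working
    # directory -- confirm the certificate is mounted there.
    # NOTE(review): newer releases of the elasticsearch output plugin
    # deprecate `cacert` in favour of `ssl_certificate_authorities`; check the
    # plugin version in the image before switching.
    cacert => "certs/ca/ca.crt"
  }
}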