mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-10-30 20:12:53 +00:00
21 lines
531 B
Text
21 lines
531 B
Text
# Input section
|
|
input {
|
|
http {
|
|
id => "tpot"
|
|
host => "0.0.0.0"
|
|
port => "64305"
|
|
ecs_compatibility => disabled
|
|
}
|
|
}
|
|
|
|
# Output section
|
|
output {
|
|
elasticsearch {
|
|
hosts => ["elasticsearch:9200"]
|
|
# With templates now being legacy we need to set the daily index with its template manually. Otherwise a new index might be created with differents settings configured through Kibana.
|
|
index => "logstash-%{+YYYY.MM.dd}"
|
|
template => "/etc/logstash/tpot-template.json"
|
|
template_overwrite => "true"
|
|
}
|
|
|
|
}
|