mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-10-14 20:39:14 +00:00
Updated Reconfigure logstash.conf (markdown)
parent
5eea2d5c46
commit
742465b755
1 changed files with 17 additions and 10 deletions
|
@ -15,7 +15,7 @@ systemctl stop tpot
|
||||||
|
|
||||||
### 3. Adjust `logstash.conf` to your needs:
|
### 3. Adjust `logstash.conf` to your needs:
|
||||||
```
|
```
|
||||||
vi /data/elk/logstash.conf
|
vi $HOME/tpotce/data/elk/logstash.conf
|
||||||
|
|
||||||
[...]
|
[...]
|
||||||
# Output section
|
# Output section
|
||||||
|
@ -48,13 +48,13 @@ output {
|
||||||
|
|
||||||
### 4. Set correct permissions:
|
### 4. Set correct permissions:
|
||||||
```
|
```
|
||||||
chmod 760 /data/elk/logstash.conf
|
chmod 760 $HOME/tpotce/data/elk/logstash.conf
|
||||||
chown tpot:tpot /data/elk/logstash.conf
|
chown tpot:tpot $HOME/tpotce/data/elk/logstash.conf
|
||||||
```
|
```
|
||||||
|
|
||||||
### 5. Adjust `tpot.yml` by adding docker volume for `logstash.conf`:
|
### 5. Adjust `docker-compose.yml` by adding docker volume for `logstash.conf`:
|
||||||
```
|
```
|
||||||
vi /opt/tpot/etc/tpot.yml
|
vi $HOME/tpotce/docker-compose.yml
|
||||||
|
|
||||||
[...]
|
[...]
|
||||||
## Logstash service
|
## Logstash service
|
||||||
|
@ -64,12 +64,19 @@ vi /opt/tpot/etc/tpot.yml
|
||||||
depends_on:
|
depends_on:
|
||||||
elasticsearch:
|
elasticsearch:
|
||||||
condition: service_healthy
|
condition: service_healthy
|
||||||
env_file:
|
environment:
|
||||||
- /opt/tpot/etc/compose/elk_environment
|
- LS_JAVA_OPTS=-Xms1024m -Xmx1024m
|
||||||
image: "dtagdevsec/logstash:1903"
|
- TPOT_TYPE=${TPOT_TYPE:-HIVE}
|
||||||
|
- TPOT_HIVE_USER=${TPOT_HIVE_USER}
|
||||||
|
- TPOT_HIVE_IP=${TPOT_HIVE_IP}
|
||||||
|
ports:
|
||||||
|
- "127.0.0.1:64305:64305"
|
||||||
|
mem_limit: 2g
|
||||||
|
image: ${TPOT_REPO}/logstash:${TPOT_VERSION}
|
||||||
|
pull_policy: ${TPOT_PULL_POLICY}
|
||||||
volumes:
|
volumes:
|
||||||
- /data:/data
|
- ${TPOT_DATA_PATH}:/data
|
||||||
- /data/elk/logstash.conf:/etc/logstash/logstash.conf
|
- ${TPOT_DATA_PATH}/elk/logstash.conf:/etc/logstash/logstash.conf
|
||||||
[...]
|
[...]
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue