Updated Reconfigure logstash.conf (markdown)

Reconfigure-logstash.conf.md

@@ -15,7 +15,7 @@ systemctl stop tpot
  
 ### 3. Adjust `logstash.conf` to your needs:
 ```
-vi /data/elk/logstash.conf
+vi $HOME/tpotce/data/elk/logstash.conf
 
 [...]
 # Output section         
@@ -48,13 +48,13 @@ output {
  
 ### 4. Set correct permissions:
 ```
-chmod 760 /data/elk/logstash.conf
+chmod 760 $HOME/tpotce/data/elk/logstash.conf
-chown tpot:tpot /data/elk/logstash.conf
+chown tpot:tpot $HOME/tpotce/data/elk/logstash.conf
 ```
 
-### 5. Adjust `tpot.yml` by adding docker volume for `logstash.conf`:
+### 5. Adjust `docker-compose.yml` by adding docker volume for `logstash.conf`:
 ```
-vi /opt/tpot/etc/tpot.yml
+vi $HOME/tpotce/docker-compose.yml
 
 [...]
 ## Logstash service
@@ -64,12 +64,19 @@ vi /opt/tpot/etc/tpot.yml
     depends_on:
       elasticsearch:
         condition: service_healthy
-    env_file:
+    environment:
-     - /opt/tpot/etc/compose/elk_environment
+     - LS_JAVA_OPTS=-Xms1024m -Xmx1024m
-    image: "dtagdevsec/logstash:1903"
+     - TPOT_TYPE=${TPOT_TYPE:-HIVE}
+     - TPOT_HIVE_USER=${TPOT_HIVE_USER}
+     - TPOT_HIVE_IP=${TPOT_HIVE_IP}
+    ports:
+     - "127.0.0.1:64305:64305"
+    mem_limit: 2g
+    image: ${TPOT_REPO}/logstash:${TPOT_VERSION}
+    pull_policy: ${TPOT_PULL_POLICY}
     volumes:
-     - /data:/data
+     - ${TPOT_DATA_PATH}:/data
-     - /data/elk/logstash.conf:/etc/logstash/logstash.conf
+     - ${TPOT_DATA_PATH}/elk/logstash.conf:/etc/logstash/logstash.conf
 [...]
 ```