Updated Reconfigure logstash.conf (markdown)

2025-10-14 12:29:15 +00:00 · 2024-04-23 15:35:35 +02:00 · 2024-04-23 15:35:35 +02:00 · 742465b755
commit 742465b755
parent 5eea2d5c46
1 changed files with 17 additions and 10 deletions
--- a/Reconfigure-logstash.conf.md
+++ b/Reconfigure-logstash.conf.md
@ -15,7 +15,7 @@ systemctl stop tpot
 
 ### 3. Adjust `logstash.conf` to your needs:
 ```
-vi /data/elk/logstash.conf
+vi $HOME/tpotce/data/elk/logstash.conf

 [...]
 # Output section         
@ -48,13 +48,13 @@ output {
 
 ### 4. Set correct permissions:
 ```
-chmod 760 /data/elk/logstash.conf
-chown tpot:tpot /data/elk/logstash.conf
+chmod 760 $HOME/tpotce/data/elk/logstash.conf
+chown tpot:tpot $HOME/tpotce/data/elk/logstash.conf
 ```

-### 5. Adjust `tpot.yml` by adding docker volume for `logstash.conf`:
+### 5. Adjust `docker-compose.yml` by adding docker volume for `logstash.conf`:
 ```
-vi /opt/tpot/etc/tpot.yml
+vi $HOME/tpotce/docker-compose.yml

 [...]
 ## Logstash service
@ -64,12 +64,19 @@ vi /opt/tpot/etc/tpot.yml
    depends_on:
      elasticsearch:
        condition: service_healthy
-    env_file:
-     - /opt/tpot/etc/compose/elk_environment
-    image: "dtagdevsec/logstash:1903"
+    environment:
+     - LS_JAVA_OPTS=-Xms1024m -Xmx1024m
+     - TPOT_TYPE=${TPOT_TYPE:-HIVE}
+     - TPOT_HIVE_USER=${TPOT_HIVE_USER}
+     - TPOT_HIVE_IP=${TPOT_HIVE_IP}
+    ports:
+     - "127.0.0.1:64305:64305"
+    mem_limit: 2g
+    image: ${TPOT_REPO}/logstash:${TPOT_VERSION}
+    pull_policy: ${TPOT_PULL_POLICY}
    volumes:
-     - /data:/data
-     - /data/elk/logstash.conf:/etc/logstash/logstash.conf
+     - ${TPOT_DATA_PATH}:/data
+     - ${TPOT_DATA_PATH}/elk/logstash.conf:/etc/logstash/logstash.conf
 [...]
 ```