crappyrules
/
mistborn
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Mistborn is your own virtual private cloud platform and WebUI that manages self hosted services, and secures them with firewall, Wireguard VPN w/ PiHole-DNSCrypt, and IP filtering. Optional SIEM+IDS. Supports 2FA, Nextcloud, Jitsi, Home Assistant, +
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
196 Commits
15 Branches
0 Tags
962 KiB
 
 
Tree: 3968000c89
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '3968000c89'
${ noResults }
mistborn/scripts/services/scirius/files/filebeat.docker.yml

62 lines
2.0 KiB
Raw Blame History

filebeat.modules:
- module: suricata
eve:
enabled: true
var.paths: ["/var/log/suricata/eve.json"]
# - module: system
# syslog:
# enabled: true
# auth:
# enabled: true
# - module: auditd
# log:
# # - Does not look like Auditd is supported in Alpine linux: https://github.com/linuxkit/linuxkit/issues/52
# # - CentOS does not need us to install the audit system, it ships as standard. If you are using Ubuntu, though,
# # this is probably something you would want to install. (sudo apt-get install -y auditd audispd-plugins)
# enabled: true
#filebeat.inputs:
#- type: container
# enabled: true
# paths:
# -/var/lib/docker/containers/*/*.log
# stream: all # can be all, stdout or stderr
#========================== Filebeat autodiscover ==============================
# See this URL on how to run Apache2 Filebeat module: # https://www.elastic.co/guide/en/beats/filebeat/current/running-on-docker.html
filebeat.autodiscover:
providers:
- type: docker
# https://www.elastic.co/guide/en/beats/filebeat/current/configuration-autodiscover-hints.html
# This URL alos contains instructions on multi-line logs
hints.enabled: true
#================================ Processors ===================================
processors:
#- add_cloud_metadata: ~
- add_docker_metadata: ~
- add_locale:
format: offset
- add_host_metadata:
netinfo.enabled: true
#========================== Elasticsearch output ===============================
output.elasticsearch:
hosts: ["${ELASTICSEARCH_HOST}:9200"]
username: ${ELASTICSEARCH_USERNAME}
password: ${ELASTICSEARCH_PASSWORD}
#============================== Dashboards =====================================
setup.dashboards:
enabled: true
#============================== Kibana =========================================
setup.kibana:
host: "${KIBANA_HOST}:80"
username: ${ELASTICSEARCH_USERNAME}
password: ${ELASTICSEARCH_PASSWORD}
#============================== Xpack Monitoring ===============================
xpack.monitoring:
enabled: true
elasticsearch: