#------------------------------------------------------------------------------
# Copyright (C)2018 Robert Cowart
#
# The contents of this file and/or repository are subject to the Robert Cowart
# Public License (the "License") and may not be used or distributed except in
# compliance with the License. You may obtain a copy of the License at:
#
# http://www.koiossian.com/public/robert_cowart_public_license.txt
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for
# the specific language governing rights and limitations under the License.
#
# The Original Source Code was developed by Robert Cowart. Portions created by
# Robert Cowart are Copyright (C)2018 Robert Cowart. All Rights Reserved.
#------------------------------------------------------------------------------
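# Filebeat: read Suricata's EVE JSON log and forward each line to Logstash.
# The nesting below is restored; with every line at column 0 the input options
# and `hosts` parse as unrelated top-level keys instead of belonging to the
# input and to output.logstash.
#
# NOTE: `filebeat.prospectors` was renamed `filebeat.inputs` in Filebeat 6.3
# and removed in 7.0; keep this key only on releases that still accept it.
filebeat.prospectors:
  - type: log
    enabled: true
    paths:
      - /var/log/suricata/eve.json
    # Custom field attached to every event from this input (presumably used
    # downstream to identify the source; confirm against the Logstash
    # pipeline). It is stored under `fields` unless `fields_under_root` is set.
    fields:
      event.type: suricata

output.logstash:
  # "logstash" must resolve from wherever Filebeat runs.
  hosts: ["logstash:5044"]
  # SECURITY: with the ssl.* settings below commented out, events are sent to
  # Logstash in cleartext and neither side authenticates the other. EVE
  # records typically carry network metadata (addresses, DNS/HTTP details),
  # so anyone on the path can read or alter them, and any host that can reach
  # the Logstash port can submit events. Outside an isolated lab network,
  # enable all three settings, turn on TLS with client-certificate
  # verification on the Logstash beats input, and keep the private key
  # readable only by the account Filebeat runs as.
  #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"]
  #ssl.certificate: "/etc/pki/client/cert.pem"
  #ssl.key: "/etc/pki/client/cert.key"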