paulmataruso/wazuh-docker-mirror
1
0
Fork 0
mirror of https://github.com/wazuh/wazuh-docker.git synced 2025-10-23 04:51:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove Logstash pipeline customization (#280)

Browse Source
This commit is contained in:
AlfonsoRBJ
2019-12-05 11:48:15 +01:00
committed by Jesús Linares
parent 910caf6bd3
commit 2b7171101b
4 changed files with 6 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
logstash/Dockerfile
View File

@@ -9,6 +9,7 @@ RUN chmod 755 /entrypoint.sh
RUN rm -f /usr/share/logstash/pipeline/logstash.conf
ENV PIPELINE_FROM_FILE="false"
COPY config/01-wazuh.conf /usr/share/logstash/pipeline/01-wazuh.conf
# This CA is created for testing. Please set your own CA pem signed certificate.
@@ -36,11 +37,9 @@ RUN chown -R logstash:logstash /entrypoint-scripts
COPY --chown=logstash:logstash ./config/05-decrypt_credentials.sh /entrypoint-scripts/05-decrypt_credentials.sh
COPY --chown=logstash:logstash ./config/10-entrypoint.sh /entrypoint-scripts/10-entrypoint.sh
COPY --chown=logstash:logstash ./config/10-entrypoint_configuration.sh ./config/10-entrypoint_configuration.sh
COPY --chown=logstash:logstash ./config/10-entrypoint_pipeline.sh ./config/10-entrypoint_pipeline.sh
RUN chmod +x /entrypoint-scripts/05-decrypt_credentials.sh && \
chmod +x /entrypoint-scripts/10-entrypoint.sh && \
chmod +x ./config/10-entrypoint_configuration.sh && \
chmod +x ./config/10-entrypoint_pipeline.sh
chmod +x ./config/10-entrypoint_configuration.sh
USER logstash

4
logstash/config/01-wazuh.conf
View File

@@ -44,9 +44,5 @@ output {
elasticsearch {
hosts => ["elasticsearch:9200"]
index => "wazuh-alerts-3.x-%{+YYYY.MM.dd}"
#user => service_logstash
#password => service_logstash_internal_password
#ssl => true
#cacert => "/path/to/cert.pem"
}
}

9
logstash/config/10-entrypoint.sh
View File

@@ -67,8 +67,11 @@ echo "ENTRYPOINT - curl authentication established"
if [ "$LOGSTASH_OUTPUT" != "" ]; then
>&2 echo "ENTRYPOINT - Customize Logstash ouput ip."
sed -i 's|elasticsearch:9200|'$LOGSTASH_OUTPUT'|g' /usr/share/logstash/pipeline/01-wazuh.conf
sed -i 's|http://elasticsearch:9200|'$LOGSTASH_OUTPUT'|g' /usr/share/logstash/config/logstash.yml
if [[ "$PIPELINE_FROM_FILE" == "false" ]]; then
sed -i 's|elasticsearch:9200|'$LOGSTASH_OUTPUT'|g' /usr/share/logstash/pipeline/01-wazuh.conf
fi
fi
@@ -101,10 +104,6 @@ if [[ $SECURITY_ENABLED == "yes" ]]; then
## Settings for logstash.yml
bash /usr/share/logstash/config/10-entrypoint_configuration.sh
## Settings for 01-wazuh.conf
bash /usr/share/logstash/config/10-entrypoint_pipeline.sh
## Add keys to the keystore
echo -e "$LOGSTASH_USER" | /usr/share/logstash/bin/logstash-keystore --path.settings /usr/share/logstash/config add LOGSTASH_KS_USER

21
logstash/config/10-entrypoint_pipeline.sh
View File

@@ -1,21 +0,0 @@
#!/bin/bash
# Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
#
# OSSEC container bootstrap. See the README for information of the environment
# variables expected by this script.
#
set -e
##############################################################################
# Adapt 01-wazuh.conf pipeline. Adapt pipeline if it is necessary.
##############################################################################
if [[ $SECURITY_ENABLED == "yes" ]]; then
echo "PIPELINE - TO DO"
# Settings for 01-wazuh.conf
# TO DO
fi