mirror of
https://github.com/elastic/logstash.git
synced 2025-04-23 06:08:19 -04:00
e76e582086
This commit adds missing Elasticsearch SSL settings and replaces deprecated options being used on `xpack.monitoring.*` and `xpack.management.*` settings: Changes: - Updated deprecated monitoring and management Elasticsearch's SSL settings so no warnings are logged. - Added monitoring settings support for file-based certificates and for the cipher suites: `xpack.monitoring.elasticsearch.ssl.certificate`, `xpack.monitoring.elasticsearch.ssl.key`, and `xpack.monitoring.elasticsearch.ssl.cipher_suites`. - Added management settings support for file-based certificates and for the cipher suites: `xpack.management.elasticsearch.ssl.certificate`, `xpack.management.elasticsearch.ssl.key`, and `xpack.management.elasticsearch.ssl.cipher_suites`.
72 lines
2.5 KiB
Text
72 lines
2.5 KiB
Text
# Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
|
# or more contributor license agreements. Licensed under the Elastic License;
|
|
# you may not use this file except in compliance with the Elastic License.
|
|
|
|
input {
|
|
metrics {
|
|
collection_interval => <%= collection_interval %>
|
|
collection_timeout_interval => <%= collection_timeout_interval %>
|
|
extended_performance_collection => <%= extended_performance_collection? %>
|
|
config_collection => <%= config_collection? %>
|
|
}
|
|
}
|
|
output {
|
|
elasticsearch_monitoring {
|
|
<% if auth? %>
|
|
user => "<%= user %>"
|
|
password => "<%= password %>"
|
|
<% end %>
|
|
<% if api_key? %>
|
|
api_key => "<%= api_key %>"
|
|
<% end %>
|
|
<% if cloud_id? %>
|
|
cloud_id => "<%= cloud_id %>"
|
|
<% else %>
|
|
hosts => <%= es_hosts %>
|
|
<% end %>
|
|
<% if cloud_auth %>
|
|
cloud_auth => "<%= cloud_auth %>"
|
|
<% end %>
|
|
data_stream => false
|
|
bulk_path => "<%= monitoring_endpoint %>"
|
|
manage_template => false
|
|
document_type => "%{[@metadata][document_type]}"
|
|
index => "<%= monitoring_index %>"
|
|
sniffing => <%= sniffing %>
|
|
<% if proxy? %>
|
|
proxy => "<%= proxy %>"
|
|
<% end %>
|
|
<% if ssl_enabled? %>
|
|
ssl_enabled => true
|
|
<% if ssl_certificate_authorities %>
|
|
ssl_certificate_authorities => "<%= ssl_certificate_authorities %>"
|
|
<% end %>
|
|
<% if ca_trusted_fingerprint %>
|
|
ca_trusted_fingerprint => <%= ca_trusted_fingerprint.inspect %>
|
|
<% end %>
|
|
<% if ssl_truststore_path? %>
|
|
ssl_truststore_path => "<%= ssl_truststore_path %>"
|
|
ssl_truststore_password => "<%= ssl_truststore_password %>"
|
|
<% end %>
|
|
<% if ssl_keystore_path? %>
|
|
ssl_keystore_path => "<%= ssl_keystore_path %>"
|
|
ssl_keystore_password => "<%= ssl_keystore_password %>"
|
|
<% end %>
|
|
<% if ssl_certificate? %>
|
|
ssl_certificate => "<%= ssl_certificate %>"
|
|
ssl_key => "<%= ssl_key %>"
|
|
<% end %>
|
|
<% if ssl_cipher_suites %>
|
|
ssl_cipher_suites => <%= ssl_cipher_suites %>
|
|
<% end %>
|
|
ssl_verification_mode => <%= ssl_verification_mode %>
|
|
<% else %>
|
|
# In the case where the user does not want SSL we don't set ssl => false
|
|
# the reason being that the user can still turn ssl on by using https in their URL
|
|
# This causes the ES output to throw an error due to conflicting messages
|
|
<% end %>
|
|
# Since this config is generated by Logstash and cannot be directly
|
|
# controlled by the user, we include a product origin header
|
|
custom_headers => { "x-elastic-product-origin" => "logstash" }
|
|
}
|
|
}
|