b9fa34d42e
The new option logstash_syslog_input_enabled has been added which will allow users to enable a direct syslog input. When enabled, messages will be processed via logstash and sent directly to elasticsearch. Change-Id: Icb7712ecb8aae3d7f99df80ae1c5cd647a15ce83 Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
34 lines
1.5 KiB
YAML
34 lines
1.5 KiB
YAML
---
|
|
# Copyright 2018, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
temp_dir: /var/lib/logstash/tmp
|
|
logstash_pipelines: "{{lookup('template', 'templates/logstash-pipelines.yml.j2') }}"
|
|
|
|
# Set processor cores fact
|
|
q_storage: "{{ (ansible_processor_cores | int) * (ansible_processor_threads_per_core | int) * 2 }}"
|
|
|
|
# Set logstash facts
|
|
logstash_queue_size: "{{ ((((q_storage | int) >= 2) | ternary(q_storage, 2) | int) * 1024) // ((logstash_pipelines | from_yaml) | length) }}"
|
|
elastic_log_rotate_path: "/var/log/logstash"
|
|
|
|
# Enable direct syslog input into logstash. When this is enabled syslog messages
|
|
# can be sent directly to logstash via TCP or UDP.
|
|
logstash_syslog_input_enabled: false
|
|
# The typical syslog port is 514 however that is not available to logstash
|
|
# because it's a "privledged" port. For this reason 1514 is used as the default.
|
|
# Changing this port to 514 will require overrides to the service files making
|
|
# logstash run as root (not recommended).
|
|
logstash_syslog_input_port: 1514
|