forked from alias454/graylog-formula
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpillar.example
78 lines (77 loc) · 5.1 KB
/
pillar.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
# Set firewall status to Active or InActive for the main
# firewall service. If you want to disable the firewall,
# set this to 'InActive' and set the overide firewall
# to Active for the individual applications
firewall:
firewalld:
status: 'Active'
default_zone: 'internal'
# Override host options
# Graylog docs http://docs.graylog.org/en/2.2/
graylog:
lookup:
password_secret: '0OckXe4bwAQapvaqbzsugG2DRBRpE3yL5p95O189YUp5a6uKHVS43b0YeHnFcvOPHtXBYDHiXnKbn59TA1TvqwrRWs5mwXpt'
root_password_sha2: 'b721104e76006bdac228561e6a64451c031cacd0befc5605a825546261e02fdf' #default password is Graylog2
firewall:
firewalld:
status: 'Active'
graylog:
restart_service_after_state_change: 'true'
install_type: 'package' # Install type can be package or tarball
latest_tarball: 'graylog-2.2.0-beta.6.tgz' # Name of the release tar file
use_redirection: 'false' # Redirect port 80 to port 9000
base_dir: '/usr/share' # /usr/share is default for package install
log4j2_log_path: '/var/log/graylog-server' # Path for log files
input_source: ['192.168.2.0/24'] # Allow network access for sending hosts
heap_size: '4g' # Graylog HEAP size default is 1g
root_timezone: 'America/Chicago' # Root users timezone default is UTC
root_email: '[email protected]' # Root users email
allow_leading_wildcard_searches: 'true' # Use a leading wildcard in searches
allow_highlighting: 'true' # Highlight search term in search results
trusted_proxies: '127.0.0.1/32, 0:0:0:0:0:0:0:1/128' # Trusted proxies
use_addon_plugins: 'false' # Manage additional Graylog plugins
addon_plugins: [
'graylog-plugin-jabber-2.0.0.jar',
'graylog-plugin-threatintel-0.10.0.jar',
]
rest:
listen_uri: 'http://127.0.0.1:9000/api/' # Rest listen uri external ip if no reverse proxy
transport_uri: '' # Rest transport uri
enable_cors: 'true' # Enable CORS
enable_gzip: 'true' # Enable gzip
thread_pool_size: '16' # Rest thread pool size
web:
enable: 'true' # Enable/Disable web interface
listen_uri: 'http://127.0.0.1:9000/' # Web listen uri external ip if no reverse proxy
endpoint_uri: '' # Web endpoint uri
enable_cors: 'true' # Enable CORS
enable_gzip: 'true' # Enable gzip
thread_pool_size: '16' # Web thread pool size
elasticsearch:
shards: '2' # Number of shards to use
replicas: '0' # Number of replicas to use
index_prefix: 'graylog' # ES index prefix
template_name: 'graylog-internal' # ES template name
cluster_name: 'graylog' # ES cluster name
discovery_zen_ping_unicast_hosts: 'graylog00:9300' # Unicast hosts should be list of es masters
node_name_prefix: 'graylog-' # ES node name prefix
transport_email:
enabled: 'false' # Enable/Disable email
hostname: 'mail.domain.tld' # Email server hostname
port: '465' # Email server port
use_auth: 'false' # Email use auth
use_tls: 'false' # Email use TLS
use_ssl: 'false' # Email use SSL
auth_username: '[email protected]' # Email auth username
auth_password: 'secret' # Email auth password
subject_prefix: '[graylog]' # Email subject prefix
from_email: '[email protected]' # Email from address
web_interface_url: 'http://graylog00.domain.tld' # Email web interface link
mongodb:
uri: 'mongodb://gluser:password@localhost:27017/graylog'
sources:
- name: 'graylog00' # Name of node
master: 'true' # Node is Master
ip: '192.168.2.20' # IP address for this node
mask: '/32' # Subnet Mask for this node
fqdn: 'graylog00.alias454.local' # FQDN for this node