API tools faq
paste
Advertisement
darrynza

logstash.yml

darrynza
Aug 21st, 2019
554
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 11.45 KB | None | 0 0
raw download clone embed print report
  1. # ======================== Elasticsearch Configuration =========================
  2. #
  3. # NOTE: Elasticsearch comes with reasonable defaults for most settings.
  4. #       Before you set out to tweak and tune the configuration, make sure you
  5. #       understand what are you trying to accomplish and the consequences.
  6. #
  7. # The primary way of configuring a node is via this file. This template lists
  8. # the most important settings you may want to configure for a production cluster.
  9. #
  10. # Please consult the documentation for further information on configuration options:
  11. # https://www.elastic.co/guide/en/elasticsearch/reference/index.html
  12. #
  13. # ---------------------------------- Cluster -----------------------------------
  14. #
  15. # Use a descriptive name for your cluster:
  16. #
  17. #cluster.name: my-application
  18. #
  19. # ------------------------------------ Node ------------------------------------
  20. #
  21. # Use a descriptive name for the node:
  22. #
  23. #node.name: node-1
  24. #
  25. # Add custom attributes to the node:
  26. #
  27. #node.attr.rack: r1
  28. #
  29. # ----------------------------------- Paths ------------------------------------
  30. #
  31. # Path to directory where to store the data (separate multiple locations by comma):
  32. #
  33. path.data: /var/lib/elasticsearch
  34. #
  35. # Path to log files:
  36. #
  37. path.logs: /var/log/elasticsearch
  38. #
  39. # ----------------------------------- Memory -----------------------------------
  40. #
  41. # Lock the memory on startup:
  42. #
  43. #bootstrap.memory_lock: true
  44. #
  45. # Make sure that the heap size is set to about half the memory available
  46. # on the system and that the owner of the process is allowed to use this
  47. # limit.
  48. #
  49. # Elasticsearch performs poorly when the system is swapping the memory.
  50. #
  51. # ---------------------------------- Network -----------------------------------
  52. #
  53. # Set the bind address to a specific IP (IPv4 or IPv6):
  54. #
  55. #network.host: 192.168.0.1
  56. #
  57. # Set a custom port for HTTP:
  58. #
  59. #http.port: 9200
  60. #
  61. # For more information, consult the network module documentation.
  62. #
  63. # --------------------------------- Discovery ----------------------------------
  64. #
  65. # Pass an initial list of hosts to perform discovery when this node is started:
  66. # The default list of hosts is ["127.0.0.1", "[::1]"]
  67. #
  68. #discovery.seed_hosts: ["host1", "host2"]
  69. #
  70. # Bootstrap the cluster using an initial set of master-eligible nodes:
  71. #
  72. #cluster.initial_master_nodes: ["node-1", "node-2"]
  73. #
  74. # For more information, consult the discovery and cluster formation module documentation.
  75. #
  76. # ---------------------------------- Gateway -----------------------------------
  77. #
  78. # Block initial recovery after a full cluster restart until N nodes are started:
  79. #
  80. #gateway.recover_after_nodes: 3
  81. #
  82. # For more information, consult the gateway module documentation.
  83. #
  84. # ---------------------------------- Various -----------------------------------
  85. #
  86. # Require explicit names when deleting indices:
  87. #
  88. #action.destructive_requires_name: true
  89. [root@elk-monitor ~]# ^C
  90. [root@elk-monitor ~]# cat /etc/logstash/
  91. conf.d/               log4j2.properties     logstash.yml          pipelines.yml        
  92. jvm.options           logstash-sample.conf  main.conf             startup.options      
  93. [root@elk-monitor ~]# cat /etc/logstash/logstash.yml
  94. # Settings file in YAML
  95. #
  96. # Settings can be specified either in hierarchical form, e.g.:
  97. #
  98. #   pipeline:
  99. #     batch:
  100. #       size: 125
  101. #       delay: 5
  102. #
  103. # Or as flat keys:
  104. #
  105. #   pipeline.batch.size: 125
  106. #   pipeline.batch.delay: 5
  107. #
  108. # ------------  Node identity ------------
  109. #
  110. # Use a descriptive name for the node:
  111. #
  112. # node.name: test
  113. #
  114. # If omitted the node name will default to the machine's host name
  115. #
  116. # ------------ Data path ------------------
  117. #
  118. # Which directory should be used by logstash and its plugins
  119. # for any persistent needs. Defaults to LOGSTASH_HOME/data
  120. #
  121. path.data: /var/lib/logstash
  122. #
  123. # ------------ Pipeline Settings --------------
  124. #
  125. # The ID of the pipeline.
  126. #
  127. # pipeline.id: main
  128. #
  129. # Set the number of workers that will, in parallel, execute the filters+outputs
  130. # stage of the pipeline.
  131. #
  132. # This defaults to the number of the host's CPU cores.
  133. #
  134. # pipeline.workers: 2
  135. #
  136. # How many events to retrieve from inputs before sending to filters+workers
  137. #
  138. # pipeline.batch.size: 125
  139. #
  140. # How long to wait in milliseconds while polling for the next event
  141. # before dispatching an undersized batch to filters+outputs
  142. #
  143. # pipeline.batch.delay: 50
  144. #
  145. # Force Logstash to exit during shutdown even if there are still inflight
  146. # events in memory. By default, logstash will refuse to quit until all
  147. # received events have been pushed to the outputs.
  148. #
  149. # WARNING: enabling this can lead to data loss during shutdown
  150. #
  151. # pipeline.unsafe_shutdown: false
  152. #
  153. # ------------ Pipeline Configuration Settings --------------
  154. #
  155. # Where to fetch the pipeline configuration for the main pipeline
  156. #
  157. # path.config:
  158. #
  159. # Pipeline configuration string for the main pipeline
  160. #
  161. # config.string:
  162. #
  163. # At startup, test if the configuration is valid and exit (dry run)
  164. #
  165. # config.test_and_exit: false
  166. #
  167. # Periodically check if the configuration has changed and reload the pipeline
  168. # This can also be triggered manually through the SIGHUP signal
  169. #
  170. # config.reload.automatic: false
  171. #
  172. # How often to check if the pipeline configuration has changed (in seconds)
  173. #
  174. # config.reload.interval: 3s
  175. #
  176. # Show fully compiled configuration as debug log message
  177. # NOTE: --log.level must be 'debug'
  178. #
  179. # config.debug: false
  180. #
  181. # When enabled, process escaped characters such as \n and \" in strings in the
  182. # pipeline configuration files.
  183. #
  184. # config.support_escapes: false
  185. #
  186. # ------------ Module Settings ---------------
  187. # Define modules here.  Modules definitions must be defined as an array.
  188. # The simple way to see this is to prepend each `name` with a `-`, and keep
  189. # all associated variables under the `name` they are associated with, and
  190. # above the next, like this:
  191. #
  192. # modules:
  193. #   - name: MODULE_NAME
  194. #     var.PLUGINTYPE1.PLUGINNAME1.KEY1: VALUE
  195. #     var.PLUGINTYPE1.PLUGINNAME1.KEY2: VALUE
  196. #     var.PLUGINTYPE2.PLUGINNAME1.KEY1: VALUE
  197. #     var.PLUGINTYPE3.PLUGINNAME3.KEY1: VALUE
  198. #
  199. # Module variable names must be in the format of
  200. #
  201. # var.PLUGIN_TYPE.PLUGIN_NAME.KEY
  202. #
  203. # modules:
  204. #
  205. # ------------ Cloud Settings ---------------
  206. # Define Elastic Cloud settings here.
  207. # Format of cloud.id is a base64 value e.g. dXMtZWFzdC0xLmF3cy5mb3VuZC5pbyRub3RhcmVhbCRpZGVudGlmaWVy
  208. # and it may have an label prefix e.g. staging:dXMtZ...
  209. # This will overwrite 'var.elasticsearch.hosts' and 'var.kibana.host'
  210. # cloud.id: <identifier>
  211. #
  212. # Format of cloud.auth is: <user>:<pass>
  213. # This is optional
  214. # If supplied this will overwrite 'var.elasticsearch.username' and 'var.elasticsearch.password'
  215. # If supplied this will overwrite 'var.kibana.username' and 'var.kibana.password'
  216. # cloud.auth: elastic:<password>
  217. #
  218. # ------------ Queuing Settings --------------
  219. #
  220. # Internal queuing model, "memory" for legacy in-memory based queuing and
  221. # "persisted" for disk-based acked queueing. Defaults is memory
  222. #
  223. # queue.type: memory
  224. #
  225. # If using queue.type: persisted, the directory path where the data files will be stored.
  226. # Default is path.data/queue
  227. #
  228. # path.queue:
  229. #
  230. # If using queue.type: persisted, the page data files size. The queue data consists of
  231. # append-only data files separated into pages. Default is 64mb
  232. #
  233. # queue.page_capacity: 64mb
  234. #
  235. # If using queue.type: persisted, the maximum number of unread events in the queue.
  236. # Default is 0 (unlimited)
  237. #
  238. # queue.max_events: 0
  239. #
  240. # If using queue.type: persisted, the total capacity of the queue in number of bytes.
  241. # If you would like more unacked events to be buffered in Logstash, you can increase the
  242. # capacity using this setting. Please make sure your disk drive has capacity greater than
  243. # the size specified here. If both max_bytes and max_events are specified, Logstash will pick
  244. # whichever criteria is reached first
  245. # Default is 1024mb or 1gb
  246. #
  247. # queue.max_bytes: 1024mb
  248. #
  249. # If using queue.type: persisted, the maximum number of acked events before forcing a checkpoint
  250. # Default is 1024, 0 for unlimited
  251. #
  252. # queue.checkpoint.acks: 1024
  253. #
  254. # If using queue.type: persisted, the maximum number of written events before forcing a checkpoint
  255. # Default is 1024, 0 for unlimited
  256. #
  257. # queue.checkpoint.writes: 1024
  258. #
  259. # If using queue.type: persisted, the interval in milliseconds when a checkpoint is forced on the head page
  260. # Default is 1000, 0 for no periodic checkpoint.
  261. #
  262. # queue.checkpoint.interval: 1000
  263. #
  264. # ------------ Dead-Letter Queue Settings --------------
  265. # Flag to turn on dead-letter queue.
  266. #
  267. # dead_letter_queue.enable: false
  268.  
  269. # If using dead_letter_queue.enable: true, the maximum size of each dead letter queue. Entries
  270. # will be dropped if they would increase the size of the dead letter queue beyond this setting.
  271. # Default is 1024mb
  272. # dead_letter_queue.max_bytes: 1024mb
  273.  
  274. # If using dead_letter_queue.enable: true, the directory path where the data files will be stored.
  275. # Default is path.data/dead_letter_queue
  276. #
  277. # path.dead_letter_queue:
  278. #
  279. # ------------ Metrics Settings --------------
  280. #
  281. # Bind address for the metrics REST endpoint
  282. #
  283. # http.host: "127.0.0.1"
  284. #
  285. # Bind port for the metrics REST endpoint, this option also accept a range
  286. # (9600-9700) and logstash will pick up the first available ports.
  287. #
  288. # http.port: 9600-9700
  289. #
  290. # ------------ Debugging Settings --------------
  291. #
  292. # Options for log.level:
  293. #   * fatal
  294. #   * error
  295. #   * warn
  296. #   * info (default)
  297. #   * debug
  298. #   * trace
  299. #
  300. # log.level: info
  301. path.logs: /var/log/logstash
  302. #
  303. # ------------ Other Settings --------------
  304. #
  305. # Where to find custom plugins
  306. # path.plugins: []
  307. #
  308. # ------------ X-Pack Settings (not applicable for OSS build)--------------
  309. #
  310. # X-Pack Monitoring
  311. # https://www.elastic.co/guide/en/logstash/current/monitoring-logstash.html
  312. #xpack.monitoring.enabled: false
  313. #xpack.monitoring.elasticsearch.username: logstash_system
  314. #xpack.monitoring.elasticsearch.password: password
  315. #xpack.monitoring.elasticsearch.hosts: ["https://es1:9200", "https://es2:9200"]
  316. #xpack.monitoring.elasticsearch.ssl.certificate_authority: [ "/path/to/ca.crt" ]
  317. #xpack.monitoring.elasticsearch.ssl.truststore.path: path/to/file
  318. #xpack.monitoring.elasticsearch.ssl.truststore.password: password
  319. #xpack.monitoring.elasticsearch.ssl.keystore.path: /path/to/file
  320. #xpack.monitoring.elasticsearch.ssl.keystore.password: password
  321. #xpack.monitoring.elasticsearch.ssl.verification_mode: certificate
  322. #xpack.monitoring.elasticsearch.sniffing: false
  323. #xpack.monitoring.collection.interval: 10s
  324. #xpack.monitoring.collection.pipeline.details.enabled: true
  325. #
  326. # X-Pack Management
  327. # https://www.elastic.co/guide/en/logstash/current/logstash-centralized-pipeline-management.html
  328. #xpack.management.enabled: false
  329. #xpack.management.pipeline.id: ["main", "apache_logs"]
  330. #xpack.management.elasticsearch.username: logstash_admin_user
  331. #xpack.management.elasticsearch.password: password
  332. #xpack.management.elasticsearch.hosts: ["https://es1:9200", "https://es2:9200"]
  333. #xpack.management.elasticsearch.ssl.certificate_authority: [ "/path/to/ca.crt" ]
  334. #xpack.management.elasticsearch.ssl.truststore.path: /path/to/file
  335. #xpack.management.elasticsearch.ssl.truststore.password: password
  336. #xpack.management.elasticsearch.ssl.keystore.path: /path/to/file
  337. #xpack.management.elasticsearch.ssl.keystore.password: password
  338. #xpack.management.elasticsearch.ssl.verification_mode: certificate
  339. #xpack.management.elasticsearch.sniffing: false
  340. #xpack.management.logstash.poll_interval: 5s
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!