G0nz0uk

elastiflowv1

Jun 18th, 2024 (edited)
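  # Single-host ElastiFlow stack: one Elasticsearch node, Kibana and the
  # ElastiFlow NetObserv flow collector. All three services use
  # `network_mode: host`, so every listener below binds directly on the Docker
  # host and no `ports:` mapping or Docker network isolation applies.
  #
  # Changes from the pasted listing: the paste-site line numbers are stripped
  # so the file parses as YAML, list indentation is made consistent, the stray
  # over-indented comment above `flow-collector` is aligned, and numeric
  # environment values are quoted so they are unambiguously strings. No setting
  # value has been changed; security-relevant settings are annotated in place.
  #
  # Secrets set under `environment:` are readable by anyone who can run
  # `docker inspect` on the container or read this file; prefer an env_file
  # with restricted permissions or a secret store for real credentials.

  # Compose file format marker. Recent Docker Compose releases ignore it and
  # print an obsolescence warning; it is kept for older tooling.
  version: '3'
  services:
    # Elasticsearch node (also the only initial master).
    #
    # NOTE(review): with host networking, network.bind_host 0.0.0.0 and
    # xpack.security.enabled 'false', the HTTP API (9200) and transport (9300)
    # are reachable on every host interface without authentication or TLS.
    # Kibana and the collector in this file reach Elasticsearch over
    # localhost / 127.0.0.1, so either restrict 9200/9300 with a host firewall,
    # bind to a loopback or management address, or enable xpack.security
    # before exposing this host to an untrusted network.
    es_master1:
      image: docker.elastic.co/elasticsearch/elasticsearch:8.14.0
      restart: unless-stopped
      hostname: es_master1
      ulimits:
        # Unlimited locked memory; needed for bootstrap.memory_lock below.
        memlock:
          soft: -1
          hard: -1
        nofile:
          soft: 131072
          hard: 131072
        nproc: 8192
        fsize: -1
      network_mode: host
      volumes:
        # Index data lives on the host so it survives container re-creation.
        - /var/lib/elasticsearch:/usr/share/elasticsearch/data
      environment:
        # Fixed 2 GiB JVM heap (min == max).
        ES_JAVA_OPTS: '-Xms2g -Xmx2g'
        cluster.name: elastiflow
        node.name: es_master1
        bootstrap.memory_lock: 'true'
        # Listens on all interfaces; see the exposure note on this service.
        network.bind_host: '0.0.0.0'
        http.port: '9200'
        http.publish_port: '9200'
        transport.port: '9300'
        transport.publish_port: '9300'
        cluster.initial_master_nodes: 'es_master1'
        indices.query.bool.max_clause_count: '8192'
        search.max_buckets: '250000'
        # Wildcard / _all index deletion is refused; indices must be named.
        action.destructive_requires_name: 'true'
        # Authentication, authorization and TLS are all switched off here.
        xpack.security.enabled: 'false'
        # NOTE(review): enrollment is a security feature; with security
        # disabled this presumably has no effect - confirm, and drop it or
        # enable security so the two settings agree.
        xpack.security.enrollment.enabled: 'true'

    # Kibana UI.
    #
    # NOTE(review): SERVER_HOST 0.0.0.0 on the host network publishes the UI
    # on port 5601 of every interface, and because Elasticsearch security is
    # disabled above there is no login in front of it. Put it behind a
    # firewall or an authenticating reverse proxy, or bind it to loopback.
    kibana:
      image: docker.elastic.co/kibana/kibana:8.14.0
      restart: unless-stopped
      # NOTE(review): NODE_NAME (here and in SERVER_NAME) looks like an
      # unfilled template placeholder - confirm and replace with the real name.
      hostname: NODE_NAME
      network_mode: host
      environment:
        TELEMETRY_OPTIN: 'false'
        TELEMETRY_ENABLED: 'false'
        SERVER_NAME: 'NODE_NAME'
        SERVER_HOST: '0.0.0.0'
        SERVER_PORT: '5601'
        SERVER_MAXPAYLOADBYTES: '8388608'
        # Plain HTTP to the local node; no credentials are configured.
        ELASTICSEARCH_HOSTS: 'http://localhost:9200'
        ELASTICSEARCH_REQUESTTIMEOUT: '132000'
        ELASTICSEARCH_SHARDTIMEOUT: '120000'
        # Certificate verification is off. Irrelevant while the host above is
        # http://, but if ELASTICSEARCH_HOSTS is switched to https:// this
        # must be changed (e.g. to 'certificate' or 'full') or the TLS
        # connection can be intercepted unnoticed.
        ELASTICSEARCH_SSL_VERIFICATIONMODE: 'none'
        KIBANA_AUTOCOMPLETETIMEOUT: '3000'
        KIBANA_AUTOCOMPLETETERMINATEAFTER: '2500000'
        # Lets Vega visualizations load data from external URLs, i.e. a saved
        # visualization can make the viewer's browser contact third-party
        # hosts. Disable if dashboards are imported from untrusted sources.
        VIS_TYPE_VEGA_ENABLEEXTERNALURLS: 'true'
        XPACK_MAPS_SHOWMAPVISUALIZATIONTYPES: 'true'
        # Key Kibana uses to encrypt sensitive saved-object attributes.
        # NOTE(review): this value looks like a documentation sample rather
        # than a generated secret - replace it with a random string of at
        # least 32 characters and keep it out of version control.
        XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY: 'ElastiFlow_0123456789_0123456789_0123456789'

    # ElastiFlow NetObserv Flow
    #
    # NOTE(review): every output that is set in this file (Elasticsearch,
    # OpenSearch, Splunk HEC, Kafka, Cribl, generic HTTP) is 'false', and the
    # stdout / monitor toggles are commented out. Enable the output you intend
    # to use; otherwise received flows are presumably not delivered anywhere -
    # confirm against the collector's defaults.
    flow-collector:
      image: elastiflow/flow-collector:6.4.4
      container_name: flow-collector
      restart: unless-stopped
      network_mode: host
      volumes:
        - /etc/elastiflow:/etc/elastiflow
      environment:
        EF_LICENSE_ACCEPTED: 'true'
        #EF_ACCOUNT_ID: ''

        #EF_FLOW_LICENSE_KEY: ''
        #EF_FLOW_LICENSED_UNITS:

        #EF_INSTANCE_NAME: default
        #EF_API_PORT: 8080
        #EF_API_TLS_ENABLE: ''
        #EF_API_TLS_CERT_FILEPATH: ''
        #EF_API_TLS_KEY_FILEPATH: ''
        #EF_API_BASIC_AUTH_ENABLE: 'false'
        #EF_API_BASIC_AUTH_USERNAME: ''
        #EF_API_BASIC_AUTH_PASSWORD: ''

        #EF_LOGGER_LEVEL: 'info'
        #EF_LOGGER_ENCODING: 'json'
        #EF_LOGGER_FILE_LOG_ENABLE: 'false'
        #EF_LOGGER_FILE_LOG_FILENAME: '/var/log/elastiflow/flowcoll/flowcoll.log'
        #EF_LOGGER_FILE_LOG_MAX_SIZE: 100
        #EF_LOGGER_FILE_LOG_MAX_AGE: ''
        #EF_LOGGER_FILE_LOG_MAX_BACKUPS: 4
        #EF_LOGGER_FILE_LOG_COMPRESS: 'false'

        # Flow listener: UDP 9995 on all host interfaces. NetFlow / IPFIX /
        # sFlow datagrams carry no sender authentication, so limit this port
        # to the known exporter addresses with a host or network firewall.
        EF_FLOW_SERVER_UDP_IP: '0.0.0.0'
        EF_FLOW_SERVER_UDP_PORT: '9995'
        #EF_FLOW_SERVER_UDP_READ_BUFFER_MAX_SIZE: 134217728

        #EF_FLOW_PACKET_STREAM_MAX_SIZE:

        EF_AWS_VPC_FLOW_LOG_S3_ENABLE: 'false'
        #EF_AWS_VPC_FLOW_LOG_S3_BUCKET: ''
        #EF_AWS_VPC_FLOW_LOG_S3_PREFIX: 'AWSLogs'
        #AWS_REGION: ''
        #AWS_ACCESS_KEY_ID: ''
        #AWS_SECRET_ACCESS_KEY: ''
        #EF_AWS_VPC_FLOW_LOG_S3_TLS_ENABLE: 'false'
        #EF_AWS_VPC_FLOW_LOG_S3_TLS_SKIP_VERIFICATION: 'false'
        #EF_AWS_VPC_FLOW_LOG_S3_TLS_CA_CERT_FILEPATH: ''
        #EF_AWS_VPC_FLOW_LOG_S3_TLS_MIN_VERSION: '1.2'

        #EF_INPUT_FLOW_BENCHMARK_ENABLE: 'false'
        #EF_INPUT_FLOW_BENCHMARK_PACKET_FILEPATH: '/etc/elastiflow/benchmark/flow/packets.txt'

        #EF_PROCESSOR_POOL_SIZE:

        #EF_PROCESSOR_DECODE_IPFIX_ENABLE: 'true'
        #EF_PROCESSOR_DECODE_NETFLOW1_ENABLE: 'true'
        #EF_PROCESSOR_DECODE_NETFLOW5_ENABLE: 'true'
        #EF_PROCESSOR_DECODE_NETFLOW6_ENABLE: 'true'
        #EF_PROCESSOR_DECODE_NETFLOW7_ENABLE: 'true'
        #EF_PROCESSOR_DECODE_NETFLOW9_ENABLE: 'true'
        #EF_PROCESSOR_DECODE_SFLOW5_ENABLE: 'true'
        #EF_PROCESSOR_DECODE_SFLOW_FLOWS_ENABLE: 'true'
        #EF_PROCESSOR_DECODE_SFLOW_FLOWS_KEEP_SAMPLES: 'false'
        #EF_PROCESSOR_DECODE_SFLOW_COUNTERS_ENABLE: 'true'
        #EF_PROCESSOR_DECODE_MAX_RECORDS_PER_PACKET: 64

        #EF_PROCESSOR_TRANSLATE_KEEP_IDS: 'default'

        EF_PROCESSOR_ENRICH_APP_ID_ENABLE: 'false'
        #EF_PROCESSOR_ENRICH_APP_ID_PATH: '/etc/elastiflow/app/appid.yml'
        #EF_PROCESSOR_ENRICH_APP_ID_TTL: 7200
        EF_PROCESSOR_ENRICH_APP_IPPORT_ENABLE: 'false'
        #EF_PROCESSOR_ENRICH_APP_IPPORT_PATH: '/etc/elastiflow/app/ipport.yml'
        #EF_PROCESSOR_ENRICH_APP_IPPORT_TTL: 7200
        #EF_PROCESSOR_ENRICH_APP_IPPORT_PRIVATE: 'true'
        #EF_PROCESSOR_ENRICH_APP_IPPORT_PUBLIC: 'false'
        #EF_PROCESSOR_ENRICH_APP_REFRESH_RATE: 15

        #EF_PROCESSOR_ENRICH_IPADDR_TTL: 7200

        EF_PROCESSOR_ENRICH_IPADDR_METADATA_ENABLE: 'false'
        #EF_PROCESSOR_ENRICH_IPADDR_METADATA_USERDEF_PATH: '/etc/elastiflow/metadata/ipaddrs.yml'
        #EF_PROCESSOR_ENRICH_IPADDR_METADATA_REFRESH_RATE: 15

        EF_PROCESSOR_ENRICH_IPADDR_DNS_ENABLE: 'false'
        EF_PROCESSOR_ENRICH_IPADDR_DNS_NAMESERVER_IP: ''
        EF_PROCESSOR_ENRICH_IPADDR_DNS_NAMESERVER_TIMEOUT: '3000'
        #EF_PROCESSOR_ENRICH_IPADDR_DNS_RESOLVE_PRIVATE: 'true'
        #EF_PROCESSOR_ENRICH_IPADDR_DNS_RESOLVE_PUBLIC: 'true'
        #EF_PROCESSOR_ENRICH_IPADDR_DNS_USERDEF_PATH: '/etc/elastiflow/hostname/user_defined.yml'
        #EF_PROCESSOR_ENRICH_IPADDR_DNS_USERDEF_REFRESH_RATE: 15
        #EF_PROCESSOR_ENRICH_IPADDR_DNS_INCLEXCL_PATH: '/etc/elastiflow/hostname/incl_excl.yml'
        #EF_PROCESSOR_ENRICH_IPADDR_DNS_INCLEXCL_REFRESH_RATE: 15

        EF_PROCESSOR_ENRICH_IPADDR_MAXMIND_ASN_ENABLE: 'false'
        #EF_PROCESSOR_ENRICH_IPADDR_MAXMIND_ASN_PATH: '/etc/elastiflow/maxmind/GeoLite2-ASN.mmdb'

        EF_PROCESSOR_ENRICH_IPADDR_MAXMIND_GEOIP_ENABLE: 'false'
        #EF_PROCESSOR_ENRICH_IPADDR_MAXMIND_GEOIP_PATH: '/etc/elastiflow/maxmind/GeoLite2-City.mmdb'
        #EF_PROCESSOR_ENRICH_IPADDR_MAXMIND_GEOIP_VALUES: 'city,country,country_code,location,timezone'
        #EF_PROCESSOR_ENRICH_IPADDR_MAXMIND_GEOIP_LANG: 'en'
        #EF_PROCESSOR_ENRICH_IPADDR_MAXMIND_GEOIP_INCLEXCL_PATH: '/etc/elastiflow/maxmind/incl_excl.yml'
        #EF_PROCESSOR_ENRICH_IPADDR_MAXMIND_GEOIP_INCLEXCL_REFRESH_RATE: 15
        #EF_PROCESSOR_ENRICH_ASN_PREF: 'lookup'

        #EF_PROCESSOR_ENRICH_NETIF_TTL: 7200

        EF_PROCESSOR_ENRICH_NETIF_METADATA_ENABLE: 'false'
        #EF_PROCESSOR_ENRICH_NETIF_METADATA_USERDEF_PATH: '/etc/elastiflow/metadata/ipaddrs.yml'
        #EF_PROCESSOR_ENRICH_NETIF_METADATA_REFRESH_RATE: 15

        EF_PROCESSOR_ENRICH_NETIF_FLOW_OPTIONS_ENABLE: 'true'

        # SNMP interface enrichment is off. If it is turned on, replace the
        # 'public' community (the conventional default, sent in clear text
        # by SNMP v1/v2c) or use the SNMPv3 settings below with
        # authentication and privacy enabled.
        EF_PROCESSOR_ENRICH_NETIF_SNMP_ENABLE: 'false'
        #EF_PROCESSOR_ENRICH_NETIF_SNMP_PORT: 161
        #EF_PROCESSOR_ENRICH_NETIF_SNMP_VERSION: 2
        EF_PROCESSOR_ENRICH_NETIF_SNMP_COMMUNITIES: 'public'
        #EF_PROCESSOR_ENRICH_NETIF_SNMP_V3_USERNAME: ''
        #EF_PROCESSOR_ENRICH_NETIF_SNMP_V3_AUTHENTICATION_PROTOCOL: 'noauth'
        #EF_PROCESSOR_ENRICH_NETIF_SNMP_V3_AUTHENTICATION_PASSPHRASE: ''
        #EF_PROCESSOR_ENRICH_NETIF_SNMP_V3_PRIVACY_PROTOCOL: 'nopriv'
        #EF_PROCESSOR_ENRICH_NETIF_SNMP_V3_PRIVACY_PASSPHRASE: ''
        #EF_PROCESSOR_ENRICH_NETIF_SNMP_TIMEOUT: 2
        #EF_PROCESSOR_ENRICH_NETIF_SNMP_RETRIES: 1

        #EF_PROCESSOR_ENRICH_TOTALS_IF_NO_DELTAS: 'false'

        #EF_PROCESSOR_ENRICH_SAMPLERATE_CACHE_SIZE: 32768
        #EF_PROCESSOR_ENRICH_SAMPLERATE_USERDEF_ENABLE: 'false'
        #EF_PROCESSOR_ENRICH_SAMPLERATE_USERDEF_PATH: '/etc/elastiflow/settings/sample_rate.yml'
        #EF_PROCESSOR_ENRICH_SAMPLERATE_USERDEF_OVERRIDE: 'false'

        #EF_PROCESSOR_ENRICH_COMMUNITYID_ENABLE: 'true'
        #EF_PROCESSOR_ENRICH_COMMUNITYID_SEED: 0
        #EF_PROCESSOR_ENRICH_CONVERSATIONID_ENABLE: 'true'
        #EF_PROCESSOR_ENRICH_CONVERSATIONID_SEED: 0

        #EF_PROCESSOR_ENRICH_JOIN_ASN: 'true'
        #EF_PROCESSOR_ENRICH_JOIN_GEOIP: 'true'
        #EF_PROCESSOR_ENRICH_JOIN_SEC: 'true'
        #EF_PROCESSOR_ENRICH_JOIN_NETATTR: 'true'
        #EF_PROCESSOR_ENRICH_JOIN_SUBNETATTR: 'true'

        #EF_PROCESSOR_DURATION_PRECISION: 'ms'
        #EF_PROCESSOR_TIMESTAMP_PRECISION: 'ms'
        #EF_PROCESSOR_PERCENT_NORM: 100
        #EF_PROCESSOR_EXPAND_CLISRV: 'true'
        #EF_PROCESSOR_EXPAND_CLISRV_NO_L4_PORTS: 'true'
        #EF_PROCESSOR_KEEP_CPU_TICKS: 'false'

        #EF_PROCESSOR_DROP_FIELDS: ''

        #EF_PROCESSOR_IFA_ENABLE: 'false'
        #EF_PROCESSOR_IFA_WORKER_SIZE: 0

        # stdout
        #EF_OUTPUT_STDOUT_ENABLE: 'false'
        #EF_OUTPUT_STDOUT_FORMAT: 'json_pretty'

        # monitor
        #EF_OUTPUT_MONITOR_ENABLE: 'false'
        #EF_OUTPUT_MONITOR_INTERVAL: 300

        # Elasticsearch
        EF_OUTPUT_ELASTICSEARCH_ENABLE: 'false'
        EF_OUTPUT_ELASTICSEARCH_ECS_ENABLE: 'false'
        #EF_OUTPUT_ELASTICSEARCH_BATCH_DEADLINE: 2000
        #EF_OUTPUT_ELASTICSEARCH_BATCH_MAX_BYTES: 8388608
        #EF_OUTPUT_ELASTICSEARCH_TIMESTAMP_SOURCE: 'collect'
        #EF_OUTPUT_ELASTICSEARCH_INDEX_PERIOD: 'rollover'
        #EF_OUTPUT_ELASTICSEARCH_TSDS_ENABLE: 'false'
        #EF_OUTPUT_ELASTICSEARCH_INDEX_SUFFIX: ''
        #EF_OUTPUT_ELASTICSEARCH_DROP_FIELDS: ''
        #EF_OUTPUT_ELASTICSEARCH_ALLOWED_RECORD_TYPES: 'as_path_hop,flow_option,flow,telemetry'

        #EF_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_ENABLE: 'true'
        #EF_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_OVERWRITE: 'true'
        EF_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_SHARDS: '1'
        # Zero replicas: acceptable for the single node defined in this file.
        EF_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_REPLICAS: '0'
        #EF_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_REFRESH_INTERVAL: '10s'
        #EF_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_CODEC: 'best_compression'
        #EF_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_ILM_LIFECYCLE: 'elastiflow'
        #EF_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_PIPELINE_DEFAULT: '_none'
        #EF_OUTPUT_ELASTICSEARCH_INDEX_TEMPLATE_PIPELINE_FINAL: '_none'

        # A comma separated list of Elasticsearch nodes to use. DO NOT include "http://" or "https://"
        EF_OUTPUT_ELASTICSEARCH_ADDRESSES: '127.0.0.1:9200'
        # NOTE(review): 'elastic' / 'changeme' reads as a placeholder
        # credential. It is unused while Elasticsearch security is disabled;
        # once security is enabled, use a dedicated least-privilege user or
        # API key, supplied from outside this file.
        EF_OUTPUT_ELASTICSEARCH_USERNAME: 'elastic'
        EF_OUTPUT_ELASTICSEARCH_PASSWORD: 'changeme'
        #EF_OUTPUT_ELASTICSEARCH_CLOUD_ID: ''
        #EF_OUTPUT_ELASTICSEARCH_API_KEY: ''
        #EF_OUTPUT_ELASTICSEARCH_CLIENT_CA_CERT_FILEPATH: ''
        #EF_OUTPUT_ELASTICSEARCH_CLIENT_CERT_FILEPATH: ''
        #EF_OUTPUT_ELASTICSEARCH_CLIENT_KEY_FILEPATH: ''

        # TLS is off, so the credentials above would travel in clear text.
        # That is confined to loopback with the 127.0.0.1 address above;
        # enable TLS and set the CA path before pointing at a remote node.
        EF_OUTPUT_ELASTICSEARCH_TLS_ENABLE: 'false'
        EF_OUTPUT_ELASTICSEARCH_TLS_SKIP_VERIFICATION: 'false'
        EF_OUTPUT_ELASTICSEARCH_TLS_CA_CERT_FILEPATH: ''

        #EF_OUTPUT_ELASTICSEARCH_RETRY_ENABLE: 'true'
        #EF_OUTPUT_ELASTICSEARCH_RETRY_ON_TIMEOUT_ENABLE: 'true'
        #EF_OUTPUT_ELASTICSEARCH_MAX_RETRIES: 3
        #EF_OUTPUT_ELASTICSEARCH_RETRY_BACKOFF: 1000

        # OpenSearch
        EF_OUTPUT_OPENSEARCH_ENABLE: 'false'
        EF_OUTPUT_OPENSEARCH_ECS_ENABLE: 'false'
        #EF_OUTPUT_OPENSEARCH_BATCH_DEADLINE: 2000
        #EF_OUTPUT_OPENSEARCH_BATCH_MAX_BYTES: 8388608
        #EF_OUTPUT_OPENSEARCH_TIMESTAMP_SOURCE: 'collect'
        #EF_OUTPUT_OPENSEARCH_INDEX_PERIOD: 'daily'
        #EF_OUTPUT_OPENSEARCH_INDEX_SUFFIX: ''
        #EF_OUTPUT_OPENSEARCH_DROP_FIELDS: ''
        #EF_OUTPUT_OPENSEARCH_ALLOWED_RECORD_TYPES: 'as_path_hop,flow_option,flow,telemetry'

        #EF_OUTPUT_OPENSEARCH_INDEX_TEMPLATE_ENABLE: 'true'
        #EF_OUTPUT_OPENSEARCH_INDEX_TEMPLATE_OVERWRITE: 'true'
        EF_OUTPUT_OPENSEARCH_INDEX_TEMPLATE_SHARDS: '1'
        EF_OUTPUT_OPENSEARCH_INDEX_TEMPLATE_REPLICAS: '0'
        #EF_OUTPUT_OPENSEARCH_INDEX_TEMPLATE_REFRESH_INTERVAL: '10s'
        #EF_OUTPUT_OPENSEARCH_INDEX_TEMPLATE_CODEC: 'best_compression'
        #EF_OUTPUT_OPENSEARCH_INDEX_TEMPLATE_ISM_POLICY: 'elastiflow'
        #EF_OUTPUT_OPENSEARCH_INDEX_TEMPLATE_PIPELINE_DEFAULT: '_none'
        #EF_OUTPUT_OPENSEARCH_INDEX_TEMPLATE_PIPELINE_FINAL: '_none'

        # A comma separated list of OpenSearch nodes to use. DO NOT include "http://" or "https://"
        EF_OUTPUT_OPENSEARCH_ADDRESSES: '127.0.0.1:9200'
        # NOTE(review): 'admin' / 'admin' reads as a default credential pair;
        # change it on the OpenSearch side and supply the real value from
        # outside this file before enabling this output.
        EF_OUTPUT_OPENSEARCH_USERNAME: 'admin'
        EF_OUTPUT_OPENSEARCH_PASSWORD: 'admin'
        #EF_OUTPUT_OPENSEARCH_CLIENT_CA_CERT_FILEPATH: ''
        #EF_OUTPUT_OPENSEARCH_CLIENT_CERT_FILEPATH: ''
        #EF_OUTPUT_OPENSEARCH_CLIENT_KEY_FILEPATH: ''

        # TLS is off here as well; enable it before using a non-loopback
        # address so the credentials above are not sent in clear text.
        EF_OUTPUT_OPENSEARCH_TLS_ENABLE: 'false'
        EF_OUTPUT_OPENSEARCH_TLS_SKIP_VERIFICATION: 'false'
        EF_OUTPUT_OPENSEARCH_TLS_CA_CERT_FILEPATH: ''

        #EF_OUTPUT_OPENSEARCH_RETRY_ENABLE: 'true'
        #EF_OUTPUT_OPENSEARCH_RETRY_ON_TIMEOUT_ENABLE: 'true'
        #EF_OUTPUT_OPENSEARCH_MAX_RETRIES: 3
        #EF_OUTPUT_OPENSEARCH_RETRY_BACKOFF: 1000

        # Splunk
        EF_OUTPUT_SPLUNK_HEC_ENABLE: 'false'
        #EF_OUTPUT_SPLUNK_HEC_CIM_ENABLE: 'false'
        EF_OUTPUT_SPLUNK_HEC_ADDRESSES: '127.0.0.1:8088'
        # The HEC token is a bearer secret; supply it from outside this file.
        EF_OUTPUT_SPLUNK_HEC_TOKEN: ''
        #EF_OUTPUT_SPLUNK_HEC_BATCH_MAX_BYTES: 8388608
        #EF_OUTPUT_SPLUNK_HEC_BATCH_DEADLINE: 2000
        #EF_OUTPUT_SPLUNK_HEC_TLS_ENABLE: 'true'
        #EF_OUTPUT_SPLUNK_HEC_TLS_SKIP_VERIFICATION: 'false'
        #EF_OUTPUT_SPLUNK_HEC_TLS_CA_CERT_FILEPATH: ''
        #EF_OUTPUT_SPLUNK_HEC_DROP_FIELDS: ''

        # Kafka
        EF_OUTPUT_KAFKA_ENABLE: 'false'
        EF_OUTPUT_KAFKA_BROKERS: ''
        #EF_OUTPUT_KAFKA_VERSION: '1.0.0'
        #EF_OUTPUT_KAFKA_TOPIC: 'elastiflow-flow-codex'
        #EF_OUTPUT_KAFKA_PARTITION_KEY: 'flow.export.ip.addr'
        #EF_OUTPUT_KAFKA_CLIENT_ID: 'elastiflow-flowcoll'
        #EF_OUTPUT_KAFKA_RACK_ID: ''
        #EF_OUTPUT_KAFKA_TIMEOUT: 30
        #EF_OUTPUT_KAFKA_DROP_FIELDS: ''
        #EF_OUTPUT_KAFKA_ALLOWED_RECORD_TYPES: 'as_path_hop,flow_option,flow,telemetry'
        #EF_OUTPUT_KAFKA_FLAT_RECORD_ENABLE: 'true'

        EF_OUTPUT_KAFKA_SASL_ENABLE: 'false'
        #EF_OUTPUT_KAFKA_SASL_USERNAME: ''
        #EF_OUTPUT_KAFKA_SASL_PASSWORD: ''

        #EF_OUTPUT_KAFKA_TLS_ENABLE: 'false'
        #EF_OUTPUT_KAFKA_TLS_CA_CERT_FILEPATH: ''
        #EF_OUTPUT_KAFKA_TLS_CERT_FILEPATH: ''
        #EF_OUTPUT_KAFKA_TLS_KEY_FILEPATH: ''
        #EF_OUTPUT_KAFKA_TLS_SKIP_VERIFICATION: 'false'

        #EF_OUTPUT_KAFKA_PRODUCER_MAX_MESSAGE_BYTES: 1000000
        #EF_OUTPUT_KAFKA_PRODUCER_REQUIRED_ACKS: 1
        #EF_OUTPUT_KAFKA_PRODUCER_TIMEOUT: 10
        #EF_OUTPUT_KAFKA_PRODUCER_COMPRESSION: 3
        #EF_OUTPUT_KAFKA_PRODUCER_COMPRESSION_LEVEL: -1000
        #EF_OUTPUT_KAFKA_PRODUCER_FLUSH_BYTES: 1000000
        #EF_OUTPUT_KAFKA_PRODUCER_FLUSH_MESSAGES: 1024
        #EF_OUTPUT_KAFKA_PRODUCER_FLUSH_FREQUENCY: 1000
        #EF_OUTPUT_KAFKA_PRODUCER_FLUSH_MAX_MESSAGES: 0
        #EF_OUTPUT_KAFKA_PRODUCER_RETRY_MAX: 3
        #EF_OUTPUT_KAFKA_PRODUCER_RETRY_BACKOFF: 100

        # Cribl
        EF_OUTPUT_CRIBL_ENABLE: 'false'
        EF_OUTPUT_CRIBL_ADDRESSES: '127.0.0.1:10080'
        # The token is a bearer secret; supply it from outside this file.
        EF_OUTPUT_CRIBL_TOKEN: ''
        #EF_OUTPUT_CRIBL_BATCH_DEADLINE: 2000
        #EF_OUTPUT_CRIBL_BATCH_MAX_BYTES: 8388608
        #EF_OUTPUT_CRIBL_TLS_ENABLE: 'false'
        #EF_OUTPUT_CRIBL_TLS_SKIP_VERIFICATION: 'false'
        #EF_OUTPUT_CRIBL_TLS_CA_CERT_FILEPATH: ''
        #EF_OUTPUT_CRIBL_DROP_FIELDS: ''

        # Generic HTTP
        EF_OUTPUT_GENERIC_HTTP_ENABLE: 'false'
        EF_OUTPUT_GENERIC_HTTP_ECS_ENABLE: 'false'
        #EF_OUTPUT_GENERIC_HTTP_BATCH_DEADLINE: 2000
        #EF_OUTPUT_GENERIC_HTTP_BATCH_MAX_BYTES: 8388608
        EF_OUTPUT_GENERIC_HTTP_ADDRESSES: ''
        #EF_OUTPUT_GENERIC_HTTP_USERNAME: ''
        #EF_OUTPUT_GENERIC_HTTP_PASSWORD: ''
        #EF_OUTPUT_GENERIC_HTTP_TLS_ENABLE: 'false'
        #EF_OUTPUT_GENERIC_HTTP_TLS_SKIP_VERIFICATION: 'false'
        #EF_OUTPUT_GENERIC_HTTP_TLS_CA_CERT_FILEPATH: ''
        #EF_OUTPUT_GENERIC_HTTP_DROP_FIELDS: ''
        #EF_OUTPUT_GENERIC_HTTP_TIMESTAMP_SOURCE: 'collect'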