1 filebeat.prospectors:
\r
2 #it is mandatory, in our case it's log
\r
4 #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
\r
6 - /var/log/onap/*/*/*.log
\r
7 - /var/log/onap/*/*.log
\r
9 # The below commented properties are for time-based rolling policy. But as the log4j 1.2x does not support time-based rolling these properties are not set
\r
10 #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
\r
12 # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
\r
13 #clean_inactive: 96h
\r
15 #Multiline properties for log4j xml log events
\r
16 multiline.pattern: '</log4j:event>'
\r
17 multiline.negate: true
\r
18 multiline.match: before
\r
19 #multiline.max_lines: 500
\r
20 #multiline.timeout: 5s
\r
22 # Name of the registry file. If a relative path is used, it is considered relative to the
\r
23 # data path. Else full qualified file name.
\r
24 #filebeat.registry_file: ${path.data}/registry
\r
28 #List of logstash server ip addresses with port number.
\r
29 #But, in our case, this will be the loadbalancer IP address.
\r
30 #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
\r
31 hosts: ["logstash.onap-log:5044"]
\r
32 #If enable will do load balancing among availabe Logstash, automatically.
\r
35 #The list of root certificates for server verifications.
\r
36 #If certificate_authorities is empty or not set, the trusted
\r
37 #certificate authorities of the host system are used.
\r
38 #ssl.certificate_authorities: $ssl.certificate_authorities
\r
40 #The path to the certificate for SSL client authentication. If the certificate is not specified,
\r
41 #client authentication is not available.
\r
42 #ssl.certificate: $ssl.certificate
\r
44 #The client certificate key used for client authentication.
\r
47 #The passphrase used to decrypt an encrypted key stored in the configured key file
\r
48 #ssl.key_passphrase: $ssl.key_passphrase
\r