From 1dda36546906b5dd50ee15f52c968c25fc4d1f59 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sat, 17 Sep 2022 02:19:44 +1000 Subject: [PATCH] Expunge sensitive hostnames and IPs Issue-ID: LOG-47 Change-Id: Id8a315fa0a6253ce1e7da8e72b3f59c4aaa9fadd Signed-off-by: Luke Parker --- .../logstash/conf/onap-pipeline.properties | 32 +++++++++++----------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/elasticstack/logstash/conf/onap-pipeline.properties b/elasticstack/logstash/conf/onap-pipeline.properties index c411122..e9ca191 100644 --- a/elasticstack/logstash/conf/onap-pipeline.properties +++ b/elasticstack/logstash/conf/onap-pipeline.properties @@ -5,53 +5,53 @@ filebeat_port = 5044 ## Enable encryption. Default false. #filebeat_ssl = true - + ## ssl certificate path. #filebeat_ssl_certificate = "/etc/ssl/private/server.crt" - + ## SSL key to use. #filebeat_ssl_key = "/etc/ssl/private/server.key" - + ##SSL key passphrase to use. #filebeat_ssl_key_passphrase = "abcd" - + ## Value can be any of: none, peer, force_peer. #filebeat_ssl_verify_mode = force_peer ######### Elasticsearch output plugin configurations ######### ### ES Security configurations ### - + es_user = "elastic" es_password = "changeme" ## Enable SSL/TLS secured communication to Elasticsearch cluster. ## Default is not set which in that case depends on the protocol specified in hosts list #es_ssl = true - + ## The .cer or .pem file to validate the server’s certificate #es_cacert = "/etc/pki/client/cert.pem" - + ## The keystore used to present a certificate to the server. It can be either .jks or .p12 #es_keystore = "/etc/pki/client/key.p12" #es_keystore_password = "abcd" - + ## Option to validate the server’s certificate. Default is true #es_ssl_certificate_verification = true - + ## The JKS truststore to validate the server’s certificate. #es_truststore = "/etc/pki/client/cacerts.jks" #es_truststore_password = "abcd" - - + + ### Elasticsearchcluster and host configurations ### -#can specify one or a list of hosts. If sniffing is set, one is enough and others will be auto-discovered -##Also protocol can be specified like ["http://10.247.186.12:9200"] -es_hosts = ["10.247.186.12:9200"] +#can specify one or a list of hosts. If sniffing is set, one is enough and others will be auto-discovered +##Also protocol can be specified like ["http://:9200"] +es_hosts = [":9200"] ## Set the address of a forward HTTP proxy. -#es_proxy = "https://genproxy.amdocs.com:8080" - +#es_proxy = "https://:8080" + ##Use this if you must run Elasticsearch behind a proxy that remaps the root path for the Elasticsearch HTTP API lives #es_path = ?? \ No newline at end of file -- 2.16.6