[icinga-checkins] icinga.org: icinga-vagrant/master: icinga2x-elastic: Add filebeat, specify kibana default index and enable icinga2/syslog

git at icinga.org git at icinga.org
Mon Nov 28 23:30:41 CET 2016


Module: icinga-vagrant
Branch: master
Commit: d25f888f0001a918496d74fc4aa02f695a7a0c3c
URL:    https://git.icinga.org/?p=icinga-vagrant.git;a=commit;h=d25f888f0001a918496d74fc4aa02f695a7a0c3c

Author: Michael Friedrich <michael.friedrich at icinga.com>
Date:   Mon Nov 28 21:10:58 2016 +0100

icinga2x-elastic: Add filebeat, specify kibana default index and enable icinga2/syslog

---

 icinga2x-elastic/manifests/default.pp |   35 +++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

diff --git a/icinga2x-elastic/manifests/default.pp b/icinga2x-elastic/manifests/default.pp
index 543e21b..02b5bf3 100644
--- a/icinga2x-elastic/manifests/default.pp
+++ b/icinga2x-elastic/manifests/default.pp
@@ -263,6 +263,41 @@ class { 'kibana5':
     'logging.events'               => "{ log: ['info', 'warning', 'error', 'fatal'], response: '*', error: '*' }",
     'elasticsearch.requestTimeout' => 500000,
   }
+}->
+class { 'filebeat':
+  outputs => {
+    'elasticsearch' => {
+      'hosts' => [
+        'http://localhost:9200'
+      ],
+      'index' => 'filebeat'
+    }
+  },
+  logging => {
+    'level' => 'debug' #TODO reset after finishing the box
+  }
+}->
+exec { 'filebeat-kibana-index': # filebeat defines the index 'filebeat', but the dashboards provide "filebeat-*". create our own. https://www.elastic.co/guide/en/beats/filebeat/current/elasticsearch-output.html
+  path => '/bin:/usr/bin:/sbin:/usr/sbin',
+  command => "curl -XPUT 'http://localhost:9200/.kibana/index-pattern/filebeat' -d '{ \"title\":\"filebeat\", \"timeFieldName\":\"@timestamp\" }'"
+}->
+exec { 'filebeat-kibana-defaultindex':
+  path => '/bin:/usr/bin:/sbin:/usr/sbin',
+  command => "curl -XPUT 'http://localhost:9200/.kibana/config/5.0.1' -d '{ \"defaultIndex\": \"filebeat\" }'"
+}
+
+
+filebeat::prospector { 'syslogs':
+  paths => [
+    '/var/log/messages'
+  ],
+  doc_type => 'syslog-beat'
+}
+filebeat::prospector { 'icinga2logs':
+  paths => [
+    '/var/log/icinga2/icinga2.log'
+  ],
+  doc_type => 'syslog-beat'
 }
 
 



More information about the icinga-checkins mailing list