Created the version 6 for ELK. Fixed #135 (#145)

* Created the version 6 for ELK. Fixed #135 * Needed to make sure all the data volumes were set up properly. Some paths had VulnWhisperer, vulnwhisperer, vulnwhisp/data. * Delete 9998_output_broker_rabbitmq.conf * Delete 9998_input_broker_rabbitmq.conf * Delete 0001_input_beats.conf * add to gitignore creds files + correct elk5 docker-compose * elk changed to 6.6.0 from 6.5.2, output path from logstash to elasticsearch host
2019-02-05 11:30:51 -05:00
parent 3cd13229a3
commit 14b71a25b8
10 changed files with 821 additions and 0 deletions
--- a/elk6/pipeline/4000_jira.conf
+++ b/elk6/pipeline/4000_jira.conf
@ -0,0 +1,25 @@
+# Description: Take in jira tickets from vulnWhisperer and pumps into logstash
+
+input {
+  file {
+    path => "/opt/vulnwhisperer/data/jira/*.json"
+    type => json
+    codec => json
+    start_position => "beginning"
+    mode => "read"
+    start_position => "beginning"
+    file_completed_action => "delete"
+    
+    tags => [ "jira" ]
+  }
+}
+
+output {
+  if "jira" in [tags] {
+    stdout { codec => rubydebug }
+    elasticsearch {
+      hosts => [ "elasticsearch:9200" ]
+      index => "logstash-vulnwhisperer-%{+YYYY.MM}"
+    }
+  }
+}