-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsample.yaml
43 lines (34 loc) · 1.25 KB
/
sample.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
# Target cluster to search for missing patterns
elasticsearch:
url: 'https://es-example-api.com:9200'
username: example
password: something
# Kibana instance to dump patterns into
kibana:
url: 'https://es-example.com'
username: example
password: something
# Misc settings, including how to find our patterns, aside from origin,
# all items can be left blank
index:
# Method for finding patterns; choices are "ilm" or "data stream"
origin: 'ilm'
# Template for the pattern, combined with cluster_prefix for {cluster_prefix}:{template}
# e.g. 'custom-prefix-{name}-*'
template: '{name}-*'
# Prefix to affix to all patterns instead of the cluster name, useful
# if you have several clusters named the same, for sharding, optionally
# specify "{cluster}" to affix the cluster name within the prefix instead
# of a hard value
cluster_prefix: '{cluster}'
# Prefixes to ignore when looking for patterns
ignore_prefix:
- '.'
# Regular expressions to ignore when looking for patterns
ignore_regex:
- '^\.geoip_.*$'
# Slack info, do not include if you do not wish to dump to slack
slack:
webhook: 'https://slack-url-webhook.com/...'
# Patterns are a list after the message, spaces are stripped
message: 'New patterns ready:'