-
-
Notifications
You must be signed in to change notification settings - Fork 7
SWELF Central Configuration
SWELF in version 0.2.0.0 and later can be configured to be centrally managed. This is achieved through any web server that SWELF can communicate with and browse its directories. This is outlined in the design diagram.
To properly configure the web server and SWELF app to allow SWELF to complete the requirements for central configuration the following must be done.
The ConsoleAppConfig.conf file must have the (at a minimum) "central_app_config" argument with the location of the webserver. The webserver location should be the same as see the URL in a web browser (ie chrome).
For example hxxp://192[.]168[.]56[.]101:8080/SWELF/examples/Config/ConsoleAppConfig.conf. (The URL is defanged in the example) This will tell it to use only central configuration options for the local configuration folder.
Central Config Commands for the ConsoleAppConfig.conf are as follow:
central_app_config
central_search_config
central_plugin_search_config
central_whitelist_search_config
Sidenotes:
-
Currently SWELF central configuration only works for the search,plugin search, and appconfig folders and its files.
-
To centrally reset the SWELF searching process on endpoints you can "Eventlog_with_PlaceKeeper.txt" file to have all log sources =1 and the local app will then research all event logs.
- Home
- How it Works
- Knowledge Base
- Configuration
- Searchs
- Plugins
- Usage
- Extras
- SWELF Logging
- SWELF Development