This is a Chef cookbook to manage auditbeat.
For Production environment, always prefer the most recent release.
cookbook 'auditbeat', '~> 0.0.2'
cookbook 'auditbeat', github: 'vkhatri/chef-auditbeat', tag: 'v0.0.2'
https://github.com/vkhatri/chef-auditbeat
- CentOS 6, 7
- Ubuntu 14
- Amazon Linux
-
Chef 12 (last tested on 12.21.3)
-
Chef 13 (last tested on 13.2.20)
- windows
- apt
- yum
- yum-plugin-versionlock
-
auditbeat::attributes
- cookbook derived default attributes -
auditbeat::config
- configure auditbeat -
auditbeat::default
- default recipe (use it for run_list) -
auditbeat::install_package
- install auditbeat package for linux platform -
auditbeat::install_package_preview
- install auditbeat preview (alpha/beta) package for linux platform -
auditbeat::install_windows
- install auditbeat for windows platform
-
default['auditbeat']['version']
(default:6.0.0-beta1
): auditbeat version -
default['auditbeat']['ignore_version']
(default:false
): ignore auditbeat version forpackage
install -
default['auditbeat']['setup_repo']
(default:true
): setupapt
oryum
repository if set totrue
-
default['auditbeat']['release']
(default:1
): auditbeat release for yum package -
default['auditbeat']['package_url']
(default:auto
): package url for windows installation -
default['auditbeat']['conf_dir']
(default:/etc/auditbeat
): auditbeat yaml configuration file directory -
default['auditbeat']['conf_file']
(default:/etc/auditbeat/auditbeat.yml
): auditbeat configuration file -
default['auditbeat']['notify_restart']
(default:true
): whether to restart auditbeat service on configuration file change -
default['auditbeat']['disable_service']
(default:false
): whether to stop and disable auditbeat service
-
default['auditbeat']['config']['auditbeat.modules']
(default:[]
): auditbeat modules -
default['auditbeat']['config']['auditbeat']['registry_file']
(default:/var/lib/auditbeat/registry
): auditbeat registry location -
default['auditbeat']['config']['output']
(default:{}
): configure elasticsearch. logstash, file etc. output
For more attribute info, visit below links:
https://github.com/elastic/beats/blob/master/auditbeat/auditbeat.reference.yml https://www.elastic.co/guide/en/beats/auditbeat/current/auditbeat-overview.html
-
default['auditbeat']['yum']['description']
(default: ``): beats yum reporitory attribute -
default['auditbeat']['yum']['gpgcheck']
(default:true
): beats yum reporitory attribute -
default['auditbeat']['yum']['enabled']
(default:true
): beats yum reporitory attribute -
default['auditbeat']['yum']['baseurl']
(default:https://packages.elastic.co/beats/yum/el/$basearch
): beats yum reporitory attribute -
default['auditbeat']['yum']['gpgkey']
(default:https://packages.elasticsearch.org/GPG-KEY-elasticsearch
): beats yum reporitory attribute -
default['auditbeat']['yum']['metadata_expire']
(default:3h
): beats yum reporitory attribute -
default['auditbeat']['yum']['action']
(default::create
): beats yum reporitory attribute -
default['auditbeat']['apt']['description']
(default:calculated
): beats apt reporitory attribute -
default['auditbeat']['apt']['components']
(default:['stable', 'main']
): beats apt reporitory attribute -
default['auditbeat']['apt']['uri']
(default:https://packages.elastic.co/beats/apt
): beats apt reporitory attribute -
default['auditbeat']['apt']['key']
(default:http://packages.elasticsearch.org/GPG-KEY-elasticsearch
): beats apt reporitory attribute -
default['auditbeat']['apt']['action']
(default::add
): auditbeat apt reporitory attribute
-
default['auditbeat']['service']['name']
(default:auditbeat
): auditbeat service name -
default['auditbeat']['service']['retries']
(default::0
): auditbeat service resource attribute -
default['auditbeat']['service']['retry_delay']
(default::2
): auditbeat service resource attribute
- Fork the repository on Github
- Create a named feature branch (like
add_component_x
) - Write your change
- Write tests for your change (if applicable)
- Run the tests (
rake & rake knife
), ensuring they all pass - Write new resource/attribute description to
README.md
- Write description about changes to PR
- Submit a Pull Request using Github
Authors:: Virender Khatri and Contributors
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.