dest

jisosomppi · Sep 19, 2018 · 52a6c55 · 52a6c55
1 parent c461c32
commit 52a6c55
Show file tree

Hide file tree

Showing 4 changed files with 53 additions and 4 deletions.
diff --git a/etc/kibana/kibana.yml b/etc/kibana/kibana.yml
@@ -4,7 +4,7 @@ server.port: 5601
 # Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
 # The default is 'localhost', which usually means remote machines will not be able to connect.
 # To allow connections from remote users, set this parameter to a non-loopback address.
-server.host: "172.28.171.25"
+server.host: "172.28.175.21"
 
 # Enables you to specify a path to mount Kibana at if you are running behind a proxy.
 # Use the `server.rewriteBasePath` setting to tell Kibana if it should remove the basePath
@@ -25,7 +25,7 @@ server.host: "172.28.171.25"
 server.name: "logmaster"
 
 # The URL of the Elasticsearch instance to use for all your queries.
-elasticsearch.url: "http://172.28.171.25:9200"
+elasticsearch.url: "http://172.28.175.21:9200"
 
 # When this setting's value is true Kibana uses the hostname specified in the server.host
 # setting. When the value of this setting is false, Kibana uses the hostname of the host

diff --git a/etc/rsyslog.d/50-default.conf b/etc/rsyslog.d/50-default.conf
@@ -2,7 +2,7 @@
 #
 #			For more information see rsyslog.conf(5) and /etc/rsyslog.conf
 
-*.*				@172.28.171.25:514;elasticsearch.conf
+*.*				@172.28.175.21:514;elasticsearch.conf
 
 #
 # First some standard log files.  Log by facility.

diff --git a/etc/rsyslog.d/50-default.conf.save b/etc/rsyslog.d/50-default.conf.save
@@ -0,0 +1,49 @@
+#  Default rules for rsyslog.
+#
+#			For more information see rsyslog.conf(5) and /etc/rsyslog.conf
+
+*.*				@:514;elasticsearch.conf
+
+#
+# First some standard log files.  Log by facility.
+#
+auth,authpriv.*			/var/log/auth.log
+*.*;auth,authpriv.none		-/var/log/syslog
+#cron.*				/var/log/cron.log
+#daemon.*			-/var/log/daemon.log
+kern.*				-/var/log/kern.log
+#lpr.*				-/var/log/lpr.log
+mail.*				-/var/log/mail.log
+#user.*				-/var/log/user.log
+
+#
+# Logging for the mail system.  Split it up so that
+# it is easy to write scripts to parse these files.
+#
+#mail.info			-/var/log/mail.info
+#mail.warn			-/var/log/mail.warn
+mail.err			/var/log/mail.err
+
+#
+# Logging for INN news system.
+#
+news.crit			/var/log/news/news.crit
+news.err			/var/log/news/news.err
+news.notice			-/var/log/news/news.notice
+
+#
+# Some "catch-all" log files.
+#
+#*.=debug;\
+#	auth,authpriv.none;\
+#	news.none;mail.none	-/var/log/debug
+#*.=info;*.=notice;*.=warn;\
+#	auth,authpriv.none;\
+#	cron,daemon.none;\
+#	mail,news.none		-/var/log/messages
+
+#
+# Emergencies are sent to everybody logged in.
+#
+*.emerg                                :omusrmsg:*
+
diff --git a/etc/rsyslog.d/elasticsearch.conf b/etc/rsyslog.d/elasticsearch.conf
@@ -28,7 +28,7 @@ template(name="plain-syslog"
   }
 
 action(type="omelasticsearch"
-  server="{{ 172.28.171.25 }}"
+  server="{{ 172.28.175.21 }}"
   serverport="9200"
   template="plain-syslog"  # use the template defined earlier
   searchIndex="logstash-index"