[automation] Publish kubernetes templates for elastic-agent

elastic · Jul 17, 2023 · 8ff6cb4 · 8ff6cb4
1 parent 28019e3
commit 8ff6cb4
Show file tree

Hide file tree

Showing 33 changed files with 661 additions and 474 deletions.
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/apache.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/apache.yml
@@ -1,19 +1,4 @@
 inputs:
-    - name: apache/metrics-apache
-      type: apache/metrics
-      use_output: default
-      streams:
-        - condition: ${kubernetes.hints.apache.status.enabled} == true or ${kubernetes.hints.apache.enabled} == true
-          data_stream:
-            dataset: apache.status
-            type: metrics
-          hosts:
-            - ${kubernetes.hints.apache.status.host|kubernetes.hints.apache.host|'http://127.0.0.1'}
-          metricsets:
-            - status
-          period: ${kubernetes.hints.apache.status.period|kubernetes.hints.apache.period|'30s'}
-          server_status_path: /server-status
-      data_stream.namespace: default
     - name: filestream-apache
       type: filestream
       use_output: default
@@ -59,7 +44,9 @@ inputs:
       type: httpjson
       use_output: default
       streams:
-        - condition: ${kubernetes.hints.apache.access.enabled} == true and ${kubernetes.hints.apache.enabled} == true
+        - auth.basic.password: ${kubernetes.hints.apache.access.password|kubernetes.hints.apache.password|''}
+          auth.basic.user: ${kubernetes.hints.apache.access.username|kubernetes.hints.apache.username|''}
+          condition: ${kubernetes.hints.apache.access.enabled} == true and ${kubernetes.hints.apache.enabled} == true
           config_version: "2"
           cursor:
             index_earliest:
@@ -95,7 +82,9 @@ inputs:
           tags:
             - forwarded
             - apache-access
-        - condition: ${kubernetes.hints.apache.error.enabled} == true and ${kubernetes.hints.apache.enabled} == true
+        - auth.basic.password: ${kubernetes.hints.apache.error.password|kubernetes.hints.apache.password|''}
+          auth.basic.user: ${kubernetes.hints.apache.error.username|kubernetes.hints.apache.username|''}
+          condition: ${kubernetes.hints.apache.error.enabled} == true and ${kubernetes.hints.apache.enabled} == true
           config_version: 2
           cursor:
             index_earliest:
@@ -132,3 +121,18 @@ inputs:
             - forwarded
             - apache-error
       data_stream.namespace: default
+    - name: apache/metrics-apache
+      type: apache/metrics
+      use_output: default
+      streams:
+        - condition: ${kubernetes.hints.apache.status.enabled} == true or ${kubernetes.hints.apache.enabled} == true
+          data_stream:
+            dataset: apache.status
+            type: metrics
+          hosts:
+            - ${kubernetes.hints.apache.status.host|kubernetes.hints.apache.host|'http://127.0.0.1'}
+          metricsets:
+            - status
+          period: ${kubernetes.hints.apache.status.period|kubernetes.hints.apache.period|'30s'}
+          server_status_path: /server-status
+      data_stream.namespace: default
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/cef.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/cef.yml
@@ -49,3 +49,23 @@ inputs:
             - cef
             - forwarded
       data_stream.namespace: default
+    - name: tcp-cef
+      type: tcp
+      use_output: default
+      streams:
+        - condition: ${kubernetes.hints.cef.log.enabled} == true or ${kubernetes.hints.cef.enabled} == true
+          data_stream:
+            dataset: cef.log
+            type: logs
+          host: localhost:9004
+          processors:
+            - rename:
+                fields:
+                    - from: message
+                      to: event.original
+            - decode_cef:
+                field: event.original
+          tags:
+            - cef
+            - forwarded
+      data_stream.namespace: default
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/checkpoint.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/checkpoint.yml
@@ -13,7 +13,8 @@ inputs:
             - container:
                 format: auto
                 stream: ${kubernetes.hints.checkpoint.firewall.stream|'all'}
-          paths: null
+          paths:
+            - /var/log/containers/*${kubernetes.hints.container_id}.log
           processors:
             - add_locale: null
             - add_fields:

diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/cockroachdb.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/cockroachdb.yml
@@ -15,11 +15,11 @@ inputs:
           metrics_path: /_status/vars
           metricsets:
             - collector
-          password: null
+          password: ${kubernetes.hints.cockroachdb.status.password|kubernetes.hints.cockroachdb.password|''}
           period: ${kubernetes.hints.cockroachdb.status.period|kubernetes.hints.cockroachdb.period|'10s'}
           ssl.certificate_authorities: null
           use_types: true
-          username: null
+          username: ${kubernetes.hints.cockroachdb.status.username|kubernetes.hints.cockroachdb.username|''}
       data_stream.namespace: default
     - name: filestream-cockroachdb
       type: filestream

diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/cyberarkpas.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/cyberarkpas.yml
@@ -1,4 +1,20 @@
 inputs:
+    - name: tcp-cyberarkpas
+      type: tcp
+      use_output: default
+      streams:
+        - condition: ${kubernetes.hints.cyberarkpas.audit.enabled} == true or ${kubernetes.hints.cyberarkpas.enabled} == true
+          data_stream:
+            dataset: cyberarkpas.audit
+            type: logs
+          host: localhost:9301
+          processors:
+            - add_locale: null
+          tags:
+            - cyberarkpas-audit
+            - forwarded
+          tcp: null
+      data_stream.namespace: default
     - name: udp-cyberarkpas
       type: udp
       use_output: default
@@ -29,7 +45,8 @@ inputs:
             - container:
                 format: auto
                 stream: ${kubernetes.hints.cyberarkpas.audit.stream|'all'}
-          paths: null
+          paths:
+            - /var/log/containers/*${kubernetes.hints.container_id}.log
           processors:
             - add_locale: null
           prospector:
@@ -39,19 +56,3 @@ inputs:
             - forwarded
             - cyberarkpas-audit
       data_stream.namespace: default
-    - name: tcp-cyberarkpas
-      type: tcp
-      use_output: default
-      streams:
-        - condition: ${kubernetes.hints.cyberarkpas.audit.enabled} == true or ${kubernetes.hints.cyberarkpas.enabled} == true
-          data_stream:
-            dataset: cyberarkpas.audit
-            type: logs
-          host: localhost:9301
-          processors:
-            - add_locale: null
-          tags:
-            - cyberarkpas-audit
-            - forwarded
-          tcp: null
-      data_stream.namespace: default