Created
October 13, 2022 13:37
-
-
Save taylorwalton/ccf4a24bb8c47fc4d07757512998fa94 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [SERVICE] | |
| flush 5 | |
| daemon Off | |
| log_level info | |
| parsers_file parsers.conf | |
| plugins_file plugins.conf | |
| http_server Off | |
| http_listen 0.0.0.0 | |
| http_port 2020 | |
| storage.metrics on | |
| storage.path /var/log/flb-storage/ | |
| storage.sync normal | |
| storage.checksum off | |
| storage.backlog.mem_limit 5M | |
| Log_File /var/log/td-agent-bit.log | |
| [INPUT] | |
| name tail | |
| path /var/ossec/logs/alerts/alerts.json | |
| tag wazuh | |
| parser json | |
| Buffer_Max_Size 5MB | |
| Buffer_Chunk_Size 400k | |
| storage.type filesystem | |
| Mem_Buf_Limit 512MB | |
| [OUTPUT] | |
| Name tcp | |
| Host *your graylog host* | |
| Port *your graylog port* | |
| net.keepalive off | |
| Match wazuh | |
| Format json_lines | |
| json_date_key true |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment