# CONFIGURED BY ANSIBLE
#
# wgas docker container logs
#
# Fluent Bit classic-mode pipeline, rendered from an Ansible template:
# tail the Docker container log files, parse each record, tag it with the
# originating host, and ship it to OpenSearch over verified TLS.
# Comments are kept on their own lines at column 0.

# Tails the log files of every container under the Docker data directory.
# docker_mode re-joins lines that the Docker json-file driver split.
# The json_no_time parser is defined outside this file.
# NOTE(review): no db offset file is set, so the read position is presumably
# not persisted across restarts; confirm whether records written while
# Fluent Bit is down may be missed, which matters for an audit index.
[INPUT]
    name tail
    path /var/lib/docker/containers/*/*.log
    docker_mode on
    parser json_no_time
    tag docker

# provides level msg file
# Applies the wgas_logs parser (defined outside this file) to the log key.
# preserve_key keeps the original log field; reserve_data keeps the other
# fields of the record alongside the parsed ones.
[FILTER]
    name parser
    match docker
    key_name log
    parser wgas_logs
    preserve_key true
    reserve_data true

# Adds a sensor field built from the Ansible inventory hostname, so records
# can be attributed to the host that produced them.
[FILTER]
    name modify
    match docker
    add sensor wgdocker@{{inventory_hostname}}

# Disabled local file output, apparently kept for debugging.
#[OUTPUT]
#    name file
#    match docker
#    path /var/log
#    file fluent-bit.log

# Ships records to OpenSearch. TLS is on and the server certificate is
# verified; keep tls.verify on, otherwise the HTTP basic-auth credentials
# below could be sent to an impersonated endpoint.
# NOTE(review): http_user and http_passwd are rendered into this file in
# clear text. Presumably they come from vaulted Ansible variables; confirm,
# and confirm the rendered file is readable only by the Fluent Bit service
# account.
# NOTE(review): trace_error prints the OpenSearch request and response when
# the API returns an error, which can copy container log content into Fluent
# Bit's own log. It is intended for diagnostics; consider turning it off once
# the pipeline is stable.
[OUTPUT]
    name opensearch
    match docker
    host {{log_host}}
    port {{log_port}}
    tls on
    tls.verify on
    index audithack-wgas
    http_user {{log_http_user}}
    http_passwd {{log_http_passwd}}
    suppress_type_name on
#replace_dots on
    trace_error on