updated for FreeBSD 12.2

jails/config/monitor/alert_rules.yml

@@ -1,4 +1,4 @@
-# Copyright (c) 2018-2020, diyIT.org
+# Copyright (c) 2018-2021, diyIT.org
 # All rights reserved.
 #
 # BSD 2-Clause License ("Simplified BSD License" or "FreeBSD License")

jails/config/monitor/alertmanager.yml

@@ -1,4 +1,4 @@
-# Copyright (c) 2018-2020, diyIT.org
+# Copyright (c) 2018-2021, diyIT.org
 # All rights reserved.
 #
 # BSD 2-Clause License ("Simplified BSD License" or "FreeBSD License")

jails/config/monitor/elasticsearch.yml

@@ -1,105 +0,0 @@
-# ======================== Elasticsearch Configuration =========================
-#
-# NOTE: Elasticsearch comes with reasonable defaults for most settings.
-#       Before you set out to tweak and tune the configuration, make sure you
-#       understand what are you trying to accomplish and the consequences.
-#
-# The primary way of configuring a node is via this file. This template lists
-# the most important settings you may want to configure for a production cluster.
-#
-# Please consult the documentation for further information on configuration options:
-# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
-#
-# ---------------------------------- Cluster -----------------------------------
-#
-# Use a descriptive name for your cluster:
-#
-cluster.name: diyit
-#
-# ------------------------------------ Node ------------------------------------
-#
-# Use a descriptive name for the node:
-#
-node.name: node-1
-#
-# Add custom attributes to the node:
-#
-#node.attr.rack: r1
-
-xpack.security.audit.enabled: true
-xpack.security.enabled: true
-xpack.security.http.ssl.enabled: true
-xpack.security.transport.ssl.enabled: true
-xpack.security.http.ssl.key: certs/diyprivkeyr.pem
-xpack.security.http.ssl.certificate: certs/diyfullchain.pem
-xpack.security.http.ssl.certificate_authorities: certs/cacert.pem
-xpack.security.transport.ssl.key: certs/diyprivkeyr.pem
-xpack.security.transport.ssl.certificate: certs/diyfullchain.pem
-xpack.security.transport.ssl.certificate_authorities: certs/cacert.pem
-
-#
-# ----------------------------------- Paths ------------------------------------
-#
-# Path to directory where to store the data (separate multiple locations by comma):
-#
-#path.data: /path/to/data
-path.data: /data/elasticsearch
-#
-# Path to log files:
-#
-#path.logs: /path/to/logs
-path.logs: /var/log/elasticsearch
-#
-# ----------------------------------- Memory -----------------------------------
-#
-# Lock the memory on startup:
-#
-#bootstrap.memory_lock: true
-#
-# Make sure that the heap size is set to about half the memory available
-# on the system and that the owner of the process is allowed to use this
-# limit.
-#
-# Elasticsearch performs poorly when the system is swapping the memory.
-#
-# ---------------------------------- Network -----------------------------------
-#
-# Set the bind address to a specific IP (IPv4 or IPv6):
-#
-network.host: _epair0b_
-#
-# Set a custom port for HTTP:
-#
-#http.port: 9200
-#
-# For more information, consult the network module documentation.
-#
-# --------------------------------- Discovery ----------------------------------
-#
-# Pass an initial list of hosts to perform discovery when new node is started:
-# The default list of hosts is ["127.0.0.1", "[::1]"]
-#
-#discovery.zen.ping.unicast.hosts: ["host1", "host2"]
-#
-# Prevent the "split brain" by configuring the majority of nodes (total number of master-eligible nodes / 2 + 1):
-#
-#discovery.zen.minimum_master_nodes: 
-#
-# For more information, consult the zen discovery module documentation.
-#
-# ---------------------------------- Gateway -----------------------------------
-#
-# Block initial recovery after a full cluster restart until N nodes are started:
-#
-#gateway.recover_after_nodes: 3
-#
-# For more information, consult the gateway module documentation.
-#
-# ---------------------------------- Various -----------------------------------
-#
-# Require explicit names when deleting indices:
-#
-#action.destructive_requires_name: true
-
-# ml is not supported on FreeBSD
-xpack.ml.enabled: false

jails/config/monitor/heartbeat.yml

@@ -1,197 +0,0 @@
-################### Heartbeat Configuration Example #########################
-
-# This file is an example configuration file highlighting only some common options.
-# The heartbeat.reference.yml file in the same directory contains all the supported options
-# with detailed comments. You can use it for reference.
-#
-# You can find the full configuration reference here:
-# https://www.elastic.co/guide/en/beats/heartbeat/index.html
-
-############################# Heartbeat ######################################
-
-# Define a directory to load monitor definitions from. Definitions take the form
-# of individual yaml files.
-heartbeat.config.monitors:
-  # Directory + glob pattern to search for configuration files
-  path: ${path.config}/monitors.d/*.yml
-  # If enabled, heartbeat will periodically check the config.monitors path for changes
-  reload.enabled: false
-  # How often to check for changes
-  reload.period: 5s
-
-# Configure monitors inline
-heartbeat.monitors:
-- type: http
-
-  # List or urls to query
-  #urls: ["http://localhost:9200"]
-  urls: ["https://google.com","https://aws.amazon.com"]
-
-  # Configure task schedule
-  schedule: '@every 10s'
-
-  # Total test connection and data exchange timeout
-  #timeout: 16s
-
-#==================== Elasticsearch template setting ==========================
-
-setup.template.settings:
-  index.number_of_shards: 1
-  index.codec: best_compression
-  #_source.enabled: false
-
-#================================ General =====================================
-
-# The name of the shipper that publishes the network data. It can be used to group
-# all the transactions sent by a single shipper in the web interface.
-#name:
-
-# The tags of the shipper are included in their own field with each
-# transaction published.
-#tags: ["service-X", "web-tier"]
-
-# Optional fields that you can specify to add additional information to the
-# output.
-#fields:
-#  env: staging
-
-
-#================================= Paths ======================================
-
-# The home path for the filebeat installation. This is the default base path
-# for all other path settings and for miscellaneous files that come with the
-# distribution (for example, the sample dashboards).
-# If not set by a CLI flag or in the configuration file, the default for the
-# home path is the location of the binary.
-#path.home:
-
-# The configuration path for the filebeat installation. This is the default
-# base path for configuration files, including the main YAML configuration file
-# and the Elasticsearch template file. If not set by a CLI flag or in the
-# configuration file, the default for the configuration path is the home path.
-#path.config: ${path.home}
-
-# The data path for the filebeat installation. This is the default base path
-# for all the files in which filebeat needs to store its data. If not set by a
-# CLI flag or in the configuration file, the default for the data path is a data
-# subdirectory inside the home path.
-#path.data: ${path.home}/data
-
-# The logs path for a filebeat installation. This is the default location for
-# the Beat's log files. If not set by a CLI flag or in the configuration file,
-# the default for the logs path is a logs subdirectory inside the home path.
-#path.logs: ${path.home}/logs
-
-
-#============================== Dashboards =====================================
-# These settings control loading the sample dashboards to the Kibana index. Loading
-# the dashboards is disabled by default and can be enabled either by setting the
-# options here, or by using the `-setup` CLI flag or the `setup` command.
-#setup.dashboards.enabled: false
-#setup.dashboards.enabled: true
-
-# The URL from where to download the dashboards archive. By default this URL
-# has a value which is computed based on the Beat name and version. For released
-# versions, this URL points to the dashboard archive on the artifacts.elastic.co
-# website.
-#setup.dashboards.url:
-
-#============================== Kibana =====================================
-
-# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API.
-# This requires a Kibana endpoint configuration.
-setup.kibana:
-
-  # Kibana Host
-  # Scheme and port can be left out and will be set to the default (http and 5601)
-  # In case you specify and additional path, the scheme is required: http://localhost:5601/path
-  # IPv6 addresses should always be defined as: https://[2001:db8::1]:5601
-  #host: "localhost:5601"
-  #host: "https://kibanax.diyit.org:443"
-  host: "http://kibanax.diyit.org:5601"
-
-  # Kibana Space ID
-  # ID of the Kibana Space into which the dashboards should be loaded. By default,
-  # the Default Space will be used.
-  #space.id:
-
-#============================= Elastic Cloud ==================================
-
-# These settings simplify using heartbeat with the Elastic Cloud (https://cloud.elastic.co/).
-
-# The cloud.id setting overwrites the `output.elasticsearch.hosts` and
-# `setup.kibana.host` options.
-# You can find the `cloud.id` in the Elastic Cloud web UI.
-#cloud.id:
-
-# The cloud.auth setting overwrites the `output.elasticsearch.username` and
-# `output.elasticsearch.password` settings. The format is `<user>:<pass>`.
-#cloud.auth:
-
-#================================ Outputs =====================================
-
-# Configure what output to use when sending the data collected by the beat.
-
-#-------------------------- Elasticsearch output ------------------------------
-#output.elasticsearch:
-  # Array of hosts to connect to.
-  #hosts: ["localhost:9200"]
-
-  # Enabled ilm (beta) to use index lifecycle management instead daily indices.
-  #ilm.enabled: false
-
-  # Optional protocol and basic auth credentials.
-  #protocol: "https"
-  #username: "elastic"
-  #password: "changeme"
-
-#----------------------------- Logstash output --------------------------------
-output.logstash:
-  # The Logstash hosts
-  hosts: ["kibanax.diyit.org:5044"]
-
-  # Optional SSL. By default is off.
-  # List of root certificates for HTTPS server verifications
-  #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"]
-
-  # Certificate for SSL client authentication
-  #ssl.certificate: "/etc/pki/client/cert.pem"
-
-  # Client Certificate Key
-  #ssl.key: "/etc/pki/client/cert.key"
-
-#================================ Processors =====================================
-
-# Configure processors to enhance or manipulate events generated by the beat.
-
-processors:
-  - add_host_metadata: ~
-  - add_cloud_metadata: ~
-
-#================================ Logging =====================================
-
-# Sets log level. The default log level is info.
-# Available log levels are: error, warning, info, debug
-#logging.level: debug
-
-# At debug level, you can selectively enable logging only for some components.
-# To enable all selectors use ["*"]. Examples of other selectors are "beat",
-# "publish", "service".
-#logging.selectors: ["*"]
-logging.to_syslog: true
-logging.to_files: false
-
-#============================== Xpack Monitoring ===============================
-# heartbeat can export internal metrics to a central Elasticsearch monitoring
-# cluster.  This requires xpack monitoring to be enabled in Elasticsearch.  The
-# reporting is disabled by default.
-
-# Set to true to enable the monitoring reporter.
-#xpack.monitoring.enabled: false
-
-# Uncomment to send the metrics to Elasticsearch. Most settings from the
-# Elasticsearch output are accepted here as well. Any setting that is not set is
-# automatically inherited from the Elasticsearch output configuration, so if you
-# have the Elasticsearch output configured, you can simply uncomment the
-# following line.
-#xpack.monitoring.elasticsearch:

jails/config/monitor/kibana.yml

@@ -1,113 +0,0 @@
-# Kibana is served by a back end server. This setting specifies the port to use.
-#server.port: 5601
-
-# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
-# The default is 'localhost', which usually means remote machines will not be able to connect.
-# To allow connections from remote users, set this parameter to a non-loopback address.
-server.host: "::"
-
-# Enables you to specify a path to mount Kibana at if you are running behind a proxy.
-# Use the `server.rewriteBasePath` setting to tell Kibana if it should remove the basePath
-# from requests it receives, and to prevent a deprecation warning at startup.
-# This setting cannot end in a slash.
-#server.basePath: ""
-
-# Specifies whether Kibana should rewrite requests that are prefixed with
-# `server.basePath` or require that they are rewritten by your reverse proxy.
-# This setting was effectively always `false` before Kibana 6.3 and will
-# default to `true` starting in Kibana 7.0.
-#server.rewriteBasePath: false
-
-# The maximum payload size in bytes for incoming server requests.
-#server.maxPayloadBytes: 1048576
-
-# The Kibana server's name.  This is used for display purposes.
-server.name: "kibana.diyit.org"
-
-# The URLs of the Elasticsearch instances to use for all your queries.
-elasticsearch.hosts: ["https://kibanax.diyit.org:9200"]
-
-# When this setting's value is true Kibana uses the hostname specified in the server.host
-# setting. When the value of this setting is false, Kibana uses the hostname of the host
-# that connects to this Kibana instance.
-#elasticsearch.preserveHost: true
-
-# Kibana uses an index in Elasticsearch to store saved searches, visualizations and
-# dashboards. Kibana creates a new index if the index doesn't already exist.
-#kibana.index: ".kibana"
-
-# The default application to load.
-#kibana.defaultAppId: "home"
-
-# If your Elasticsearch is protected with basic authentication, these settings provide
-# the username and password that the Kibana server uses to perform maintenance on the Kibana
-# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which
-# is proxied through the Kibana server.
-elasticsearch.username: "kibana"
-elasticsearch.password: "0AKzGiy2Cu4Klaz23asT"
-
-# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.
-# These settings enable SSL for outgoing requests from the Kibana server to the browser.
-server.ssl.enabled: true
-server.ssl.certificate: /mnt/certs/diyfullchain.pem
-server.ssl.key: /mnt/certs/diyprivkeyr.pem
-
-# Optional settings that provide the paths to the PEM-format SSL certificate and key files.
-# These files validate that your Elasticsearch backend uses the same key files.
-#elasticsearch.ssl.certificate: /path/to/your/client.crt
-#elasticsearch.ssl.key: /path/to/your/client.key
-
-# Optional setting that enables you to specify a path to the PEM file for the certificate
-# authority for your Elasticsearch instance.
-elasticsearch.ssl.certificateAuthorities: [ "/mnt/certs/cacert.pem" ]
-
-# To disregard the validity of SSL certificates, change this setting's value to 'none'.
-elasticsearch.ssl.verificationMode: full
-
-# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of
-# the elasticsearch.requestTimeout setting.
-#elasticsearch.pingTimeout: 1500
-
-# Time in milliseconds to wait for responses from the back end or Elasticsearch. This value
-# must be a positive integer.
-#elasticsearch.requestTimeout: 30000
-
-# List of Kibana client-side headers to send to Elasticsearch. To send *no* client-side
-# headers, set this value to [] (an empty list).
-#elasticsearch.requestHeadersWhitelist: [ authorization ]
-
-# Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten
-# by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration.
-#elasticsearch.customHeaders: {}
-
-# Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable.
-#elasticsearch.shardTimeout: 30000
-
-# Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying.
-#elasticsearch.startupTimeout: 5000
-
-# Logs queries sent to Elasticsearch. Requires logging.verbose set to true.
-#elasticsearch.logQueries: false
-
-# Specifies the path where Kibana creates the process ID file.
-#pid.file: /var/run/kibana.pid
-
-# Enables you specify a file where Kibana stores log output.
-#logging.dest: stdout
-
-# Set the value of this setting to true to suppress all logging output.
-#logging.silent: false
-
-# Set the value of this setting to true to suppress all logging output other than error messages.
-#logging.quiet: false
-
-# Set the value of this setting to true to log all events, including system usage information
-# and all requests.
-#logging.verbose: false
-
-# Set the interval in milliseconds to sample system and process performance
-# metrics. Minimum is 100ms. Defaults to 5000.
-#ops.interval: 5000
-
-# Specifies locale to be used for all localizable strings, dates and number formats.
-#i18n.locale: "en"

jails/config/monitor/logstash.conf

@@ -1,30 +0,0 @@
-# Copyright (c) 2018-2020, diyIT.org
-# All rights reserved.
-#
-# BSD 2-Clause License ("Simplified BSD License" or "FreeBSD License")
-# https://diyit.org/license/
-#
-#
-
-input {
-  beats {
-    port => 5044
-    ssl => false
-    ssl_key => '/mnt/certs/diyprivkeyr.pem'
-    ssl_certificate => '/mnt/certs/diyfullchain.pem'
-    ssl_certificate_authorities => ["/mnt/certs/cacert.pem"]
-    ssl_verify_mode => "force_peer"
-  }
-}
-
-output {
-  elasticsearch {
-    ssl => true
-    ssl_certificate_verification => true
-    cacert => '/mnt/certs/cacert.pem'
-    hosts => ["https://kibanax.diyit.org:9200"]
-    index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"
-    user => "elastic"
-    password => "${es_pwd}"
-  }
-}

jails/config/monitor/logstash.yml

@@ -1,251 +0,0 @@
-# Settings file in YAML
-#
-# Settings can be specified either in hierarchical form, e.g.:
-#
-#   pipeline:
-#     batch:
-#       size: 125
-#       delay: 5
-#
-# Or as flat keys:
-#
-#   pipeline.batch.size: 125
-#   pipeline.batch.delay: 5
-#
-# ------------  Node identity ------------
-#
-# Use a descriptive name for the node:
-#
-# node.name: test
-node.name: logstash
-#
-# If omitted the node name will default to the machine's host name
-#
-# ------------ Data path ------------------
-#
-# Which directory should be used by logstash and its plugins
-# for any persistent needs. Defaults to LOGSTASH_HOME/data
-#
-# path.data:
-path.data: /var/db/logstash
-#
-# ------------ Pipeline Settings --------------
-#
-# The ID of the pipeline.
-#
-# pipeline.id: main
-#
-# Set the number of workers that will, in parallel, execute the filters+outputs
-# stage of the pipeline.
-#
-# This defaults to the number of the host's CPU cores.
-#
-pipeline.workers: 8
-#
-# How many events to retrieve from inputs before sending to filters+workers
-#
-# pipeline.batch.size: 125
-#
-# How long to wait in milliseconds while polling for the next event
-# before dispatching an undersized batch to filters+outputs
-#
-# pipeline.batch.delay: 50
-#
-# Force Logstash to exit during shutdown even if there are still inflight
-# events in memory. By default, logstash will refuse to quit until all
-# received events have been pushed to the outputs.
-#
-# WARNING: enabling this can lead to data loss during shutdown
-#
-# pipeline.unsafe_shutdown: false
-#
-# ------------ Pipeline Configuration Settings --------------
-#
-# Where to fetch the pipeline configuration for the main pipeline
-#
-path.config: /usr/local/etc/logstash/logstash.conf
-#
-# Pipeline configuration string for the main pipeline
-#
-# config.string:
-#
-# At startup, test if the configuration is valid and exit (dry run)
-#
-# config.test_and_exit: false
-#
-# Periodically check if the configuration has changed and reload the pipeline
-# This can also be triggered manually through the SIGHUP signal
-#
-# config.reload.automatic: false
-#
-# How often to check if the pipeline configuration has changed (in seconds)
-#
-# config.reload.interval: 3s
-#
-# Show fully compiled configuration as debug log message
-# NOTE: --log.level must be 'debug'
-#
-# config.debug: false
-#
-# When enabled, process escaped characters such as \n and \" in strings in the
-# pipeline configuration files.
-#
-# config.support_escapes: false
-#
-# ------------ Module Settings ---------------
-# Define modules here.  Modules definitions must be defined as an array.
-# The simple way to see this is to prepend each `name` with a `-`, and keep
-# all associated variables under the `name` they are associated with, and
-# above the next, like this:
-#
-# modules:
-#   - name: MODULE_NAME
-#     var.PLUGINTYPE1.PLUGINNAME1.KEY1: VALUE
-#     var.PLUGINTYPE1.PLUGINNAME1.KEY2: VALUE
-#     var.PLUGINTYPE2.PLUGINNAME1.KEY1: VALUE
-#     var.PLUGINTYPE3.PLUGINNAME3.KEY1: VALUE
-#
-# Module variable names must be in the format of
-#
-# var.PLUGIN_TYPE.PLUGIN_NAME.KEY
-#
-# modules:
-#
-# ------------ Cloud Settings ---------------
-# Define Elastic Cloud settings here.
-# Format of cloud.id is a base64 value e.g. dXMtZWFzdC0xLmF3cy5mb3VuZC5pbyRub3RhcmVhbCRpZGVudGlmaWVy
-# and it may have an label prefix e.g. staging:dXMtZ...
-# This will overwrite 'var.elasticsearch.hosts' and 'var.kibana.host'
-# cloud.id: <identifier>
-#
-# Format of cloud.auth is: <user>:<pass>
-# This is optional
-# If supplied this will overwrite 'var.elasticsearch.username' and 'var.elasticsearch.password'
-# If supplied this will overwrite 'var.kibana.username' and 'var.kibana.password'
-# cloud.auth: elastic:<password>
-#
-# ------------ Queuing Settings --------------
-#
-# Internal queuing model, "memory" for legacy in-memory based queuing and
-# "persisted" for disk-based acked queueing. Defaults is memory
-#
-# queue.type: memory
-#
-# If using queue.type: persisted, the directory path where the data files will be stored.
-# Default is path.data/queue
-#
-# path.queue:
-#
-# If using queue.type: persisted, the page data files size. The queue data consists of
-# append-only data files separated into pages. Default is 64mb
-#
-# queue.page_capacity: 64mb
-#
-# If using queue.type: persisted, the maximum number of unread events in the queue.
-# Default is 0 (unlimited)
-#
-# queue.max_events: 0
-#
-# If using queue.type: persisted, the total capacity of the queue in number of bytes.
-# If you would like more unacked events to be buffered in Logstash, you can increase the
-# capacity using this setting. Please make sure your disk drive has capacity greater than
-# the size specified here. If both max_bytes and max_events are specified, Logstash will pick
-# whichever criteria is reached first
-# Default is 1024mb or 1gb
-#
-# queue.max_bytes: 1024mb
-#
-# If using queue.type: persisted, the maximum number of acked events before forcing a checkpoint
-# Default is 1024, 0 for unlimited
-#
-# queue.checkpoint.acks: 1024
-#
-# If using queue.type: persisted, the maximum number of written events before forcing a checkpoint
-# Default is 1024, 0 for unlimited
-#
-# queue.checkpoint.writes: 1024
-#
-# If using queue.type: persisted, the interval in milliseconds when a checkpoint is forced on the head page
-# Default is 1000, 0 for no periodic checkpoint.
-#
-# queue.checkpoint.interval: 1000
-#
-# ------------ Dead-Letter Queue Settings --------------
-# Flag to turn on dead-letter queue.
-#
-# dead_letter_queue.enable: false
-
-# If using dead_letter_queue.enable: true, the maximum size of each dead letter queue. Entries
-# will be dropped if they would increase the size of the dead letter queue beyond this setting.
-# Default is 1024mb
-# dead_letter_queue.max_bytes: 1024mb
-
-# If using dead_letter_queue.enable: true, the directory path where the data files will be stored.
-# Default is path.data/dead_letter_queue
-#
-# path.dead_letter_queue:
-#
-# ------------ Metrics Settings --------------
-#
-# Bind address for the metrics REST endpoint
-#
-# http.host: "127.0.0.1"
-#
-# Bind port for the metrics REST endpoint, this option also accept a range
-# (9600-9700) and logstash will pick up the first available ports.
-#
-# http.port: 9600-9700
-#
-# ------------ Debugging Settings --------------
-#
-# Options for log.level:
-#   * fatal
-#   * error
-#   * warn
-#   * info (default)
-#   * debug
-#   * trace
-#
-# log.level: info
-#log.level: debug
-# path.logs:
-#
-# ------------ Other Settings --------------
-#
-# Where to find custom plugins
-# path.plugins: []
-#
-# ------------ X-Pack Settings (not applicable for OSS build)--------------
-#
-# X-Pack Monitoring
-# https://www.elastic.co/guide/en/logstash/current/monitoring-logstash.html
-xpack.monitoring.enabled: true
-xpack.monitoring.elasticsearch.username: logstash_system
-xpack.monitoring.elasticsearch.password: a746MPWa1AVieOJlDtM2
-xpack.monitoring.elasticsearch.hosts: ["https://kibanax.diyit.org:9200"]
-#xpack.monitoring.elasticsearch.hosts: ["https://es1:9200", "https://es2:9200"]
-xpack.monitoring.elasticsearch.ssl.certificate_authority: "/mnt/certs/cacert.pem"
-#xpack.monitoring.elasticsearch.ssl.truststore.path: /path/to/file
-#xpack.monitoring.elasticsearch.ssl.truststore.password: password
-#xpack.monitoring.elasticsearch.ssl.keystore.path: /path/to/file
-#xpack.monitoring.elasticsearch.ssl.keystore.password: password
-xpack.monitoring.elasticsearch.ssl.verification_mode: certificate
-#xpack.monitoring.elasticsearch.sniffing: false
-#xpack.monitoring.collection.interval: 10s
-#xpack.monitoring.collection.pipeline.details.enabled: true
-#
-# X-Pack Management
-# https://www.elastic.co/guide/en/logstash/current/logstash-centralized-pipeline-management.html
-#xpack.management.enabled: false
-#xpack.management.pipeline.id: ["main", "apache_logs"]
-#xpack.management.elasticsearch.username: logstash_admin_user
-#xpack.management.elasticsearch.password: password
-#xpack.management.elasticsearch.hosts: ["https://es1:9200", "https://es2:9200"]
-#xpack.management.elasticsearch.ssl.certificate_authority: [ "/path/to/ca.crt" ]
-#xpack.management.elasticsearch.ssl.truststore.path: /path/to/file
-#xpack.management.elasticsearch.ssl.truststore.password: password
-#xpack.management.elasticsearch.ssl.keystore.path: /path/to/file
-#xpack.management.elasticsearch.ssl.keystore.password: password
-#xpack.management.elasticsearch.ssl.verification_mode: certificate
-#xpack.management.elasticsearch.sniffing: false
-#xpack.management.logstash.poll_interval: 5s

jails/config/monitor/matomo-archive

@@ -0,0 +1,2 @@
+MAILTO="sharad@diyit.org"
+5 5 * * * /usr/local/bin/php /usr/local/www/matomo/console core:archive --url=https://ahlawat.com/matomo/ >> /root/matomo-archive.log

jails/config/monitor/prometheus.yml

@@ -1,4 +1,4 @@
-# Copyright (c) 2018-2020, diyIT.org
+# Copyright (c) 2018-2021, diyIT.org
 # All rights reserved.
 #
 # BSD 2-Clause License ("Simplified BSD License" or "FreeBSD License")

jails/config/monitor/start_logstash.sh

@@ -1,3 +0,0 @@
-mount proc
-/usr/sbin/daemon -f /usr/local/logstash/bin/logstash --path.settings /usr/local/etc/logstash -l /var/log/logstash
-ps axww | grep logstash