diff --git a/Apps_for_DS/01-Conf_license_slave/default/app.conf b/Apps_for_DS/01-Conf_license_slave/default/app.conf new file mode 100755 index 0000000..149b00b --- /dev/null +++ b/Apps_for_DS/01-Conf_license_slave/default/app.conf @@ -0,0 +1,11 @@ + [launcher] + version = 1.0.0 + author = VABOS + description = Configure instance as License Slave + + [package] + id = Conf_license_slave + + + [ui] + is_visible = false \ No newline at end of file diff --git a/Apps_for_DS/01-Conf_license_slave/default/server.conf b/Apps_for_DS/01-Conf_license_slave/default/server.conf new file mode 100755 index 0000000..b852a52 --- /dev/null +++ b/Apps_for_DS/01-Conf_license_slave/default/server.conf @@ -0,0 +1,9 @@ + # In distributed environments, it's common to have a lone search head acting + # as the license master as well. In this configuration, providing the URI + # of the license master is easiest within the indexer_base configuration. + # In the event that there are multiple search heads, you could instead use + # the org_all_license app, shipped to the non-license SH, as well as all of + # the indexers. In either event, the settings are the same. + + [license] + master_uri = https://SVLCTPLOGLMR.mom.fr:8089 \ No newline at end of file diff --git a/Apps_for_DS/01-Conf_license_slave/local/app.conf b/Apps_for_DS/01-Conf_license_slave/local/app.conf new file mode 100755 index 0000000..1173ea8 --- /dev/null +++ b/Apps_for_DS/01-Conf_license_slave/local/app.conf @@ -0,0 +1 @@ +# Autogenerated file \ No newline at end of file diff --git a/Apps_for_DS/01-idx_kvstore_base/default/app.conf b/Apps_for_DS/01-idx_kvstore_base/default/app.conf new file mode 100755 index 0000000..693301d --- /dev/null +++ b/Apps_for_DS/01-idx_kvstore_base/default/app.conf @@ -0,0 +1,11 @@ +[launcher] +version = 1.0.0 +author = VABOS +description = Disable Kvstore on Indexers + +[package] +id = edf_idx_kvstore_base + + +[ui] +is_visible = false diff --git a/Apps_for_DS/01-idx_kvstore_base/default/server.conf b/Apps_for_DS/01-idx_kvstore_base/default/server.conf new file mode 100755 index 0000000..f4cf81b --- /dev/null +++ b/Apps_for_DS/01-idx_kvstore_base/default/server.conf @@ -0,0 +1,4 @@ +# kvstore not needed on indexers, let's disable it +# even when distributing collection via bundle, it won't be used on indexer as this use lookups in the background +[kvstore] +disabled = true diff --git a/Apps_for_DS/01-idx_kvstore_base/local/app.conf b/Apps_for_DS/01-idx_kvstore_base/local/app.conf new file mode 100755 index 0000000..1173ea8 --- /dev/null +++ b/Apps_for_DS/01-idx_kvstore_base/local/app.conf @@ -0,0 +1 @@ +# Autogenerated file \ No newline at end of file diff --git a/Apps_for_DS/01-idx_receiver_port/default/app.conf b/Apps_for_DS/01-idx_receiver_port/default/app.conf new file mode 100755 index 0000000..c02c82c --- /dev/null +++ b/Apps_for_DS/01-idx_receiver_port/default/app.conf @@ -0,0 +1,11 @@ +[launcher] +version = 1.0.0 +author = VABOS +description = Enable receiving on Indexer layer + +[package] +id = edf_idx_receiver_port + + +[ui] +is_visible = false diff --git a/Apps_for_DS/01-idx_receiver_port/default/inputs.conf b/Apps_for_DS/01-idx_receiver_port/default/inputs.conf new file mode 100755 index 0000000..f9562b9 --- /dev/null +++ b/Apps_for_DS/01-idx_receiver_port/default/inputs.conf @@ -0,0 +1 @@ +[splunktcp://9997] diff --git a/Apps_for_DS/01-idx_receiver_port/local/app.conf b/Apps_for_DS/01-idx_receiver_port/local/app.conf new file mode 100755 index 0000000..1173ea8 --- /dev/null +++ b/Apps_for_DS/01-idx_receiver_port/local/app.conf @@ -0,0 +1 @@ +# Autogenerated file \ No newline at end of file diff --git a/Apps_for_DS/01-idx_volume_indexes/.DS_Store b/Apps_for_DS/01-idx_volume_indexes/.DS_Store new file mode 100644 index 0000000..028aabb Binary files /dev/null and b/Apps_for_DS/01-idx_volume_indexes/.DS_Store differ diff --git a/Apps_for_DS/01-idx_volume_indexes/default/app.conf b/Apps_for_DS/01-idx_volume_indexes/default/app.conf new file mode 100755 index 0000000..538800e --- /dev/null +++ b/Apps_for_DS/01-idx_volume_indexes/default/app.conf @@ -0,0 +1,11 @@ + +[launcher] +version = 1.0.0 +author = VABOS +description = Contient la configuration des volumes de données + +[package] +id = edf_idx_volume_indexes + +[ui] +is_visible = false \ No newline at end of file diff --git a/Apps_for_DS/01-idx_volume_indexes/default/indexes.conf b/Apps_for_DS/01-idx_volume_indexes/default/indexes.conf new file mode 100755 index 0000000..840aac3 --- /dev/null +++ b/Apps_for_DS/01-idx_volume_indexes/default/indexes.conf @@ -0,0 +1,7 @@ +[volume:primary] +path = /data/splunk_data +maxVolumeDataSizeMB = 60000 + +[volume:secondary] +path = /data_cold/splunk_data +maxVolumeDataSizeMB = 240000 diff --git a/Apps_for_DS/01-idx_volume_indexes/local/app.conf b/Apps_for_DS/01-idx_volume_indexes/local/app.conf new file mode 100755 index 0000000..1173ea8 --- /dev/null +++ b/Apps_for_DS/01-idx_volume_indexes/local/app.conf @@ -0,0 +1 @@ +# Autogenerated file \ No newline at end of file diff --git a/Apps_for_DS/01-idx_volume_indexes/metadata/local.meta b/Apps_for_DS/01-idx_volume_indexes/metadata/local.meta new file mode 100755 index 0000000..d827768 --- /dev/null +++ b/Apps_for_DS/01-idx_volume_indexes/metadata/local.meta @@ -0,0 +1,3 @@ +[] +access = read : [ * ], write : [ admin ] +export = system diff --git a/Apps_for_DS/01-idx_web_base/.DS_Store b/Apps_for_DS/01-idx_web_base/.DS_Store new file mode 100644 index 0000000..0f32880 Binary files /dev/null and b/Apps_for_DS/01-idx_web_base/.DS_Store differ diff --git a/Apps_for_DS/01-idx_web_base/default/app.conf b/Apps_for_DS/01-idx_web_base/default/app.conf new file mode 100755 index 0000000..184f4ca --- /dev/null +++ b/Apps_for_DS/01-idx_web_base/default/app.conf @@ -0,0 +1,11 @@ +[launcher] +version = 1.0.0 +author = Mattys Hervé (OBS) +description = Disable Web access on Indexers + +[package] +id = odin_idx_web_base + + +[ui] +is_visible = false diff --git a/Apps_for_DS/01-idx_web_base/default/web.conf b/Apps_for_DS/01-idx_web_base/default/web.conf new file mode 100755 index 0000000..ccb5abc --- /dev/null +++ b/Apps_for_DS/01-idx_web_base/default/web.conf @@ -0,0 +1,12 @@ +# In larger environments, where there are more than, say, three indexers, +# it's common to disable the Splunk UI. This helps avoid configuration issues +# caused by logging in to the UI to do something directly via the manager, +# as well as saving some system resources. + +[settings] + startwebserver = 0 + +# avoid timeout when indexer loaded +splunkdConnectionTimeout = 120 + + diff --git a/Apps_for_DS/01-idx_web_base/local/app.conf b/Apps_for_DS/01-idx_web_base/local/app.conf new file mode 100755 index 0000000..1173ea8 --- /dev/null +++ b/Apps_for_DS/01-idx_web_base/local/app.conf @@ -0,0 +1 @@ +# Autogenerated file \ No newline at end of file diff --git a/Apps_for_DS/02-M-TIC_CM/local/app.conf b/Apps_for_DS/02-M-TIC_CM/local/app.conf new file mode 100755 index 0000000..7ed6d3d --- /dev/null +++ b/Apps_for_DS/02-M-TIC_CM/local/app.conf @@ -0,0 +1,11 @@ +[launcher] +author = VABOS +description = Configure Distributed Search for Monitoring Console +version = 1.0 + +[package] +id = MAQ_M-TIC_DSMC + + +[ui] +is_visible = false diff --git a/Apps_for_DS/02-M-TIC_CM/local/distsearch.conf b/Apps_for_DS/02-M-TIC_CM/local/distsearch.conf new file mode 100755 index 0000000..345f2ef --- /dev/null +++ b/Apps_for_DS/02-M-TIC_CM/local/distsearch.conf @@ -0,0 +1,19 @@ +[distributedSearch:dmc_group_search_head] +servers = localhost:localhost +[distributedSearch:dmc_group_cluster_master] + + +[distributedSearch:dmc_group_license_master] + +[distributedSearch:dmc_group_deployment_server] + +[distributedSearch:dmc_group_indexer] +default = false +servers = SVLCTPLOGIDX01.mom.fr:8089,SVLCTPLOGIDX02.mom.fr:8089 + +[distributedSearch:dmc_group_shc_deployer] + +[distributedSearch:dmc_group_kv_store] + +[distributedSearch:dmc_indexerclustergroup_Cluster_M-TIC] +servers = localhost:localhost,SVLCTPLOGIDX01.mom.fr:8089,SVLCTPLOGIDX02.mom.fr:8089 diff --git a/Apps_for_DS/02-M-TIC_all_forwarding_outputs/default/app.conf b/Apps_for_DS/02-M-TIC_all_forwarding_outputs/default/app.conf new file mode 100755 index 0000000..ff2b941 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_all_forwarding_outputs/default/app.conf @@ -0,0 +1,11 @@ +[launcher] +version = 1.0 +author = VABOS +description = Enable forwarding to Indexer layer + +[package] +id = m-tic_all_forwarding_outputs + + +[ui] +is_visible = false diff --git a/Apps_for_DS/02-M-TIC_all_forwarding_outputs/default/outputs.conf b/Apps_for_DS/02-M-TIC_all_forwarding_outputs/default/outputs.conf new file mode 100755 index 0000000..2fb176a --- /dev/null +++ b/Apps_for_DS/02-M-TIC_all_forwarding_outputs/default/outputs.conf @@ -0,0 +1,12 @@ +# BASE SETTINGS + +[tcpout] +# Change here to specify the indexer group +defaultGroup = m-tic_indexer +maxQueueSize = 7MB +useACK = true +forceTimebasedAutoLB = true + +[tcpout:m-tic_indexer] +server = SVLCTPLOGIDX01.mom.fr:9997, SVLCTPLOGIDX02.mom.fr:9997 +~ diff --git a/Apps_for_DS/02-M-TIC_all_forwarding_outputs/local/app.conf b/Apps_for_DS/02-M-TIC_all_forwarding_outputs/local/app.conf new file mode 100755 index 0000000..1173ea8 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_all_forwarding_outputs/local/app.conf @@ -0,0 +1 @@ +# Autogenerated file \ No newline at end of file diff --git a/Apps_for_DS/02-M-TIC_catchall_forwarders_inputs/local/app.conf b/Apps_for_DS/02-M-TIC_catchall_forwarders_inputs/local/app.conf new file mode 100755 index 0000000..771fc72 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_catchall_forwarders_inputs/local/app.conf @@ -0,0 +1,9 @@ +[install] +state = enabled + +[package] +check_for_updates = false + +[ui] +is_visible = false +is_manageable = false diff --git a/Apps_for_DS/02-M-TIC_catchall_forwarders_inputs/local/inputs.conf b/Apps_for_DS/02-M-TIC_catchall_forwarders_inputs/local/inputs.conf new file mode 100755 index 0000000..42ce7ae --- /dev/null +++ b/Apps_for_DS/02-M-TIC_catchall_forwarders_inputs/local/inputs.conf @@ -0,0 +1,4 @@ +[monitor:///var/rsyslog/*/catchother/*/*/*.log] +disabled = false +index = idx_m-tic_catchall +sourcetype = catchall \ No newline at end of file diff --git a/Apps_for_DS/02-M-TIC_catchall_forwarders_inputs/metadata/local.meta b/Apps_for_DS/02-M-TIC_catchall_forwarders_inputs/metadata/local.meta new file mode 100755 index 0000000..04740cf --- /dev/null +++ b/Apps_for_DS/02-M-TIC_catchall_forwarders_inputs/metadata/local.meta @@ -0,0 +1,3 @@ +[] +access = read : [ * ], write : [ admin ] +export = system diff --git a/Apps_for_DS/02-M-TIC_cisco_forwarders_inputs/local/app.conf b/Apps_for_DS/02-M-TIC_cisco_forwarders_inputs/local/app.conf new file mode 100755 index 0000000..771fc72 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_cisco_forwarders_inputs/local/app.conf @@ -0,0 +1,9 @@ +[install] +state = enabled + +[package] +check_for_updates = false + +[ui] +is_visible = false +is_manageable = false diff --git a/Apps_for_DS/02-M-TIC_cisco_forwarders_inputs/local/inputs.conf b/Apps_for_DS/02-M-TIC_cisco_forwarders_inputs/local/inputs.conf new file mode 100755 index 0000000..d205169 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_cisco_forwarders_inputs/local/inputs.conf @@ -0,0 +1,4 @@ +[monitor:///var/rsyslog/*/cisco/.../*.log] +disabled = false +index = idx_m-tic_cisco +sourcetype = cisco \ No newline at end of file diff --git a/Apps_for_DS/02-M-TIC_cisco_forwarders_inputs/metadata/local.meta b/Apps_for_DS/02-M-TIC_cisco_forwarders_inputs/metadata/local.meta new file mode 100755 index 0000000..04740cf --- /dev/null +++ b/Apps_for_DS/02-M-TIC_cisco_forwarders_inputs/metadata/local.meta @@ -0,0 +1,3 @@ +[] +access = read : [ * ], write : [ admin ] +export = system diff --git a/Apps_for_DS/02-M-TIC_cluster_master_base/default/app.conf b/Apps_for_DS/02-M-TIC_cluster_master_base/default/app.conf new file mode 100755 index 0000000..1c4bb3d --- /dev/null +++ b/Apps_for_DS/02-M-TIC_cluster_master_base/default/app.conf @@ -0,0 +1,11 @@ +[launcher] +version = 1.0.0 +author = VABOS +description = Configure Cluster Master + +[package] +id = M-TIC_cluster_master_base + + +[ui] +is_visible = false diff --git a/Apps_for_DS/02-M-TIC_cluster_master_base/default/server.conf b/Apps_for_DS/02-M-TIC_cluster_master_base/default/server.conf new file mode 100755 index 0000000..dd414e5 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_cluster_master_base/default/server.conf @@ -0,0 +1,5 @@ +[clustering] +cluster_label = Cluster_M-TIC +mode = master +pass4SymmKey = $7$1JZXXCgXZOKWw96+KVrSoIutrByS/XTphleSPBtf6kKOfqNZ3ei5Nbl5/5c8nxenjVnypA== +replication_factor = 2 diff --git a/Apps_for_DS/02-M-TIC_cluster_master_base/local/app.conf b/Apps_for_DS/02-M-TIC_cluster_master_base/local/app.conf new file mode 100755 index 0000000..1173ea8 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_cluster_master_base/local/app.conf @@ -0,0 +1 @@ +# Autogenerated file \ No newline at end of file diff --git a/Apps_for_DS/02-M-TIC_esxi_forwarders_inputs/local/app.conf b/Apps_for_DS/02-M-TIC_esxi_forwarders_inputs/local/app.conf new file mode 100755 index 0000000..771fc72 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_esxi_forwarders_inputs/local/app.conf @@ -0,0 +1,9 @@ +[install] +state = enabled + +[package] +check_for_updates = false + +[ui] +is_visible = false +is_manageable = false diff --git a/Apps_for_DS/02-M-TIC_esxi_forwarders_inputs/local/inputs.conf b/Apps_for_DS/02-M-TIC_esxi_forwarders_inputs/local/inputs.conf new file mode 100755 index 0000000..d108a5d --- /dev/null +++ b/Apps_for_DS/02-M-TIC_esxi_forwarders_inputs/local/inputs.conf @@ -0,0 +1,4 @@ +[monitor:///var/rsyslog/*/esxi/*/*/*.log] +disabled = false +index = idx_m-tic_esxi +sourcetype = esxi \ No newline at end of file diff --git a/Apps_for_DS/02-M-TIC_esxi_forwarders_inputs/metadata/local.meta b/Apps_for_DS/02-M-TIC_esxi_forwarders_inputs/metadata/local.meta new file mode 100755 index 0000000..04740cf --- /dev/null +++ b/Apps_for_DS/02-M-TIC_esxi_forwarders_inputs/metadata/local.meta @@ -0,0 +1,3 @@ +[] +access = read : [ * ], write : [ admin ] +export = system diff --git a/Apps_for_DS/02-M-TIC_fortigate_forwarders_inputs/local/app.conf b/Apps_for_DS/02-M-TIC_fortigate_forwarders_inputs/local/app.conf new file mode 100755 index 0000000..771fc72 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_fortigate_forwarders_inputs/local/app.conf @@ -0,0 +1,9 @@ +[install] +state = enabled + +[package] +check_for_updates = false + +[ui] +is_visible = false +is_manageable = false diff --git a/Apps_for_DS/02-M-TIC_fortigate_forwarders_inputs/local/inputs.conf b/Apps_for_DS/02-M-TIC_fortigate_forwarders_inputs/local/inputs.conf new file mode 100755 index 0000000..a94ccf2 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_fortigate_forwarders_inputs/local/inputs.conf @@ -0,0 +1,4 @@ +[monitor:///var/rsyslog/*/fortigate/*/*/*.log] +disabled = false +index = idx_m-tic_fortigate +sourcetype = fortigate \ No newline at end of file diff --git a/Apps_for_DS/02-M-TIC_fortigate_forwarders_inputs/metadata/local.meta b/Apps_for_DS/02-M-TIC_fortigate_forwarders_inputs/metadata/local.meta new file mode 100755 index 0000000..04740cf --- /dev/null +++ b/Apps_for_DS/02-M-TIC_fortigate_forwarders_inputs/metadata/local.meta @@ -0,0 +1,3 @@ +[] +access = read : [ * ], write : [ admin ] +export = system diff --git a/Apps_for_DS/02-M-TIC_idx_cluster_base/.DS_Store b/Apps_for_DS/02-M-TIC_idx_cluster_base/.DS_Store new file mode 100644 index 0000000..0f32880 Binary files /dev/null and b/Apps_for_DS/02-M-TIC_idx_cluster_base/.DS_Store differ diff --git a/Apps_for_DS/02-M-TIC_idx_cluster_base/default/app.conf b/Apps_for_DS/02-M-TIC_idx_cluster_base/default/app.conf new file mode 100755 index 0000000..9cfba3a --- /dev/null +++ b/Apps_for_DS/02-M-TIC_idx_cluster_base/default/app.conf @@ -0,0 +1,11 @@ +[launcher] +version = 1.0.0 +author = VABOS +description = Configure default clustering options on Indexers + +[package] +id = M-TIC_idx_cluster_base + + +[ui] +is_visible = false diff --git a/Apps_for_DS/02-M-TIC_idx_cluster_base/default/fields.conf b/Apps_for_DS/02-M-TIC_idx_cluster_base/default/fields.conf new file mode 100755 index 0000000..1b1a8f3 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_idx_cluster_base/default/fields.conf @@ -0,0 +1,2 @@ +[edfZone] +INDEXED = true \ No newline at end of file diff --git a/Apps_for_DS/02-M-TIC_idx_cluster_base/default/server.conf b/Apps_for_DS/02-M-TIC_idx_cluster_base/default/server.conf new file mode 100755 index 0000000..5881a17 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_idx_cluster_base/default/server.conf @@ -0,0 +1,9 @@ +[general] +site = site1 + +[replication_port://9100] + +[clustering] +master_uri = https://SVLCTPLOGCLM01.mom.fr:8089 +mode = peer +pass4SymmKey = $7$i7IqoiyC1DpnVbSVtwGzuVTO5rmVyPCI2CMacpHEFs3N2oFAaF0EJ049Otza diff --git a/Apps_for_DS/02-M-TIC_idx_cluster_base/local/app.conf b/Apps_for_DS/02-M-TIC_idx_cluster_base/local/app.conf new file mode 100755 index 0000000..1173ea8 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_idx_cluster_base/local/app.conf @@ -0,0 +1 @@ +# Autogenerated file \ No newline at end of file diff --git a/Apps_for_DS/02-M-TIC_idx_indexes_base/default/app.conf b/Apps_for_DS/02-M-TIC_idx_indexes_base/default/app.conf new file mode 100755 index 0000000..b17b3c9 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_idx_indexes_base/default/app.conf @@ -0,0 +1,11 @@ +[launcher] +version = 1.0.0 +author = VABOS +description = Configure default optimisation on Indexers + +[package] +id = edf_idx_indexes_base + + +[ui] +is_visible = false diff --git a/Apps_for_DS/02-M-TIC_idx_indexes_base/default/indexes.conf b/Apps_for_DS/02-M-TIC_idx_indexes_base/default/indexes.conf new file mode 100755 index 0000000..d0454de --- /dev/null +++ b/Apps_for_DS/02-M-TIC_idx_indexes_base/default/indexes.conf @@ -0,0 +1,65 @@ +[default] +thawedPath = $SPLUNK_DB/$_index_name/thaweddb +coldPath = volume:secondary/$_index_name/colddb +homePath = volume:primary/$_index_name/db +tstatsHomePath = volume:primary/$_index_name/datamodel_summary +tsidxWritingLevel = 4 +journalCompression = zstd +enableDataIntegrityControl = 0 +enableTsidxReduction = 0 +archiver.enableDataArchive = 0 +bucketRebuildMemoryHint = 0 +compressRawdata = 1 +enableOnlineBucketRepair = 1 +rtRouterQueueSize = +rtRouterThreads = +selfStorageThreads = +suspendHotRollByDeleteQuery = 0 +syncMeta = 1 + +[idx_m-tic_windows] + +[idx_m-tic_fortigate] + +[idx_m-tic_linux] + +[idx_m-tic_esxi] + +[vmware-esxilog] + +[vmware-perf-metrics] +datatype = metric + +[vmware-inv] + +[vmware-taskevent] + +[vmware-vclog] + +[idx_m-tic_alcatel] + +[idx_m-tic_cisco] + +[idx_m-tic_switch] + +[idx_m-tic_catchall] + +[idx_m-tic_catchother] + +[idx_m-tic_other] + +[idx_m-tic_glpi] + +[idx_m-tic_glpi_vm] + +[idx_m-tic_glpi_kb] + +[idx_m-tic_glpi_sep] + +[idx_m-tic_glpi_obsolescence] + +[idx_m-tic_genetec_sc] + +[idx_ldap] + +[idx_m-tic_synology] \ No newline at end of file diff --git a/Apps_for_DS/02-M-TIC_idx_indexes_base/local/app.conf b/Apps_for_DS/02-M-TIC_idx_indexes_base/local/app.conf new file mode 100755 index 0000000..1173ea8 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_idx_indexes_base/local/app.conf @@ -0,0 +1 @@ +# Autogenerated file \ No newline at end of file diff --git a/Apps_for_DS/02-M-TIC_linux_forwarders_inputs/local/app.conf b/Apps_for_DS/02-M-TIC_linux_forwarders_inputs/local/app.conf new file mode 100755 index 0000000..771fc72 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_linux_forwarders_inputs/local/app.conf @@ -0,0 +1,9 @@ +[install] +state = enabled + +[package] +check_for_updates = false + +[ui] +is_visible = false +is_manageable = false diff --git a/Apps_for_DS/02-M-TIC_linux_forwarders_inputs/local/inputs.conf b/Apps_for_DS/02-M-TIC_linux_forwarders_inputs/local/inputs.conf new file mode 100755 index 0000000..c179be9 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_linux_forwarders_inputs/local/inputs.conf @@ -0,0 +1,5 @@ +[monitor:///var/rsyslog/*/linux/.../*.log] +disabled = 0 +host_segment = 6 +index = idx_m-tic_linux +sourcetype = syslog_linux diff --git a/Apps_for_DS/02-M-TIC_linux_forwarders_inputs/metadata/local.meta b/Apps_for_DS/02-M-TIC_linux_forwarders_inputs/metadata/local.meta new file mode 100755 index 0000000..04740cf --- /dev/null +++ b/Apps_for_DS/02-M-TIC_linux_forwarders_inputs/metadata/local.meta @@ -0,0 +1,3 @@ +[] +access = read : [ * ], write : [ admin ] +export = system diff --git a/Apps_for_DS/02-M-TIC_sh_idxcluster_base/default/app.conf b/Apps_for_DS/02-M-TIC_sh_idxcluster_base/default/app.conf new file mode 100755 index 0000000..a662815 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_sh_idxcluster_base/default/app.conf @@ -0,0 +1,11 @@ +[launcher] +version = 1.0.0 +author = VABOS +description = Configure Search Head for IDX Clustering + +[package] +id = M-TIN_sh_idxcluster_base + + +[ui] +is_visible = false diff --git a/Apps_for_DS/02-M-TIC_sh_idxcluster_base/default/server.conf b/Apps_for_DS/02-M-TIC_sh_idxcluster_base/default/server.conf new file mode 100755 index 0000000..aa5431d --- /dev/null +++ b/Apps_for_DS/02-M-TIC_sh_idxcluster_base/default/server.conf @@ -0,0 +1,9 @@ +[general] +site = site2 + +[clustering] +multisite = true +master_uri = https://SVLHTMLOGCLM01.unit-h.edf.fr:8089 +mode = searchhead +pass4SymmKey = $7$i7IqoiyC1DpnVbSVtwGzuVTO5rmVyPCI2CMacpHEFs3N2oFAaF0EJ049Otza + diff --git a/Apps_for_DS/02-M-TIC_sh_idxcluster_base/local/app.conf b/Apps_for_DS/02-M-TIC_sh_idxcluster_base/local/app.conf new file mode 100755 index 0000000..1173ea8 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_sh_idxcluster_base/local/app.conf @@ -0,0 +1 @@ +# Autogenerated file \ No newline at end of file diff --git a/Apps_for_DS/02-M-TIC_windows_forwarders_inputs/local/app.conf b/Apps_for_DS/02-M-TIC_windows_forwarders_inputs/local/app.conf new file mode 100755 index 0000000..771fc72 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_windows_forwarders_inputs/local/app.conf @@ -0,0 +1,9 @@ +[install] +state = enabled + +[package] +check_for_updates = false + +[ui] +is_visible = false +is_manageable = false diff --git a/Apps_for_DS/02-M-TIC_windows_forwarders_inputs/local/inputs.conf b/Apps_for_DS/02-M-TIC_windows_forwarders_inputs/local/inputs.conf new file mode 100755 index 0000000..c3a0e72 --- /dev/null +++ b/Apps_for_DS/02-M-TIC_windows_forwarders_inputs/local/inputs.conf @@ -0,0 +1,7 @@ +[WinEventLog] +interval=60 +evt_resolve_ad_obj = 0 +evt_dc_name= +evt_dns_name= +index = idx_m-tic_windows +sourcetype = events_windows \ No newline at end of file diff --git a/Apps_for_DS/02-M-TIC_windows_forwarders_inputs/metadata/local.meta b/Apps_for_DS/02-M-TIC_windows_forwarders_inputs/metadata/local.meta new file mode 100755 index 0000000..04740cf --- /dev/null +++ b/Apps_for_DS/02-M-TIC_windows_forwarders_inputs/metadata/local.meta @@ -0,0 +1,3 @@ +[] +access = read : [ * ], write : [ admin ] +export = system