filebeat:
  # List of prospectors to fetch data.
  prospectors:
    {{ filebeat_prospectors | to_json }}

# Configure what outputs to use when sending the data collected by the beat.
# Multiple outputs may be used.
output:

{% if filebeat_output_elasticsearch_enabled %}
  ### Elasticsearch as output
  elasticsearch:
    # Array of hosts to connect to.
    hosts: {{ filebeat_output_elasticsearch_hosts | to_json }}

    # Optional protocol and basic auth credentials. These are deprecated.
    #protocol: "https"
    #username: "admin"
    #password: "s3cr3t"

    # Number of workers per Elasticsearch host.
    #worker: 1

    # Optional index name. The default is "filebeat" and generates
    # [filebeat-]YYYY.MM.DD keys.
    #index: "filebeat"

    # Optional HTTP Path
    #path: "/elasticsearch"

    # Proxy server URL
    # proxy_url: http://proxy:3128

    # The number of times a particular Elasticsearch index operation is attempted. If
    # the indexing operation doesn't succeed after this many retries, the events are
    # dropped. The default is 3.
    #max_retries: 3

    # The maximum number of events to bulk in a single Elasticsearch bulk API index request.
    # The default is 50.
    #bulk_max_size: 50

    # Configure http request timeout before failing an request to Elasticsearch.
    #timeout: 90

    # The number of seconds to wait for new events between two bulk API index requests.
    # If `bulk_max_size` is reached before this interval expires, addition bulk index
    # requests are made.
    #flush_interval: 1

    # Boolean that sets if the topology is kept in Elasticsearch. The default is
    # false. This option makes sense only for Packetbeat.
    #save_topology: false

    # The time to live in seconds for the topology information that is stored in
    # Elasticsearch. The default is 15 seconds.
    #topology_expire: 15

{% if filebeat_ssl_certificate_file and filebeat_ssl_key_file %}
    # tls configuration. By default is off.
    tls:
      # List of root certificates for HTTPS server verifications
      #certificate_authorities: ["/etc/pki/root/ca.pem"]

      # Certificate for TLS client authentication
      certificate: "{{ filebeat_ssl_dir }}/{{ filebeat_ssl_certificate_file | basename }}"

      # Client Certificate Key
      certificate_key: "{{ filebeat_ssl_dir }}/{{ filebeat_ssl_key_file | basename}}"

      # Controls whether the client verifies server certificates and host name.
      # If insecure is set to true, all server host names and certificates will be
      # accepted. In this mode TLS based connections are susceptible to
      # man-in-the-middle attacks. Use only for testing.
      insecure: {{ filebeat_ssl_insecure }}

      # Configure cipher suites to be used for TLS connections
      #cipher_suites: []

      # Configure curve types for ECDHE based cipher suites
      #curve_types: []

      # Configure minimum TLS version allowed for connection to logstash
      #min_version: 1.0

      # Configure maximum TLS version allowed for connection to logstash
      #max_version: 1.2
{% endif %}
{% endif %}

{% if filebeat_output_logstash_enabled %}
  ### Logstash as output
  logstash:
    # The Logstash hosts
    hosts: {{ filebeat_output_logstash_hosts | to_json }}

    # Number of workers per Logstash host.
    #worker: 1

    # Optional load balance the events between the Logstash hosts
    #loadbalance: true

    # Optional index name. The default index name depends on the each beat.
    # For Packetbeat, the default is set to packetbeat, for Topbeat
    # top topbeat and for Filebeat to filebeat.
    #index: filebeat

{% if filebeat_ssl_certificate_file and filebeat_ssl_key_file %}
    # Optional TLS. By default is off.
    tls:
      # List of root certificates for HTTPS server verifications
      #certificate_authorities: ["/etc/pki/root/ca.pem"]

      # Certificate for TLS client authentication
      certificate: "{{ filebeat_ssl_dir }}/{{ filebeat_ssl_certificate_file | basename }}"

      # Client Certificate Key
      certificate_key: "{{ filebeat_ssl_dir }}/{{ filebeat_ssl_key_file | basename}}"

      # Controls whether the client verifies server certificates and host name.
      # If insecure is set to true, all server host names and certificates will be
      # accepted. In this mode TLS based connections are susceptible to
      # man-in-the-middle attacks. Use only for testing.
      #insecure: true
      insecure: {{ filebeat_ssl_insecure }}

      # Configure cipher suites to be used for TLS connections
      #cipher_suites: []

      # Configure curve types for ECDHE based cipher suites
      #curve_types: []
{% endif %}

{% if filebeat_enable_logging %}
logging:
  ### Filebeat log
  level: {{ filebeat_log_level }}

  # Enable file rotation with default configuration
  to_files: true

  # Do not log to syslog
  to_syslog: false

  files:
    path: {{ filebeat_log_dir }}
    name: {{ filebeat_log_filename }}
    keepfiles: 7
{% endif %}
{% endif %}