Protopopys/gist:024679185b7a7e24fd3b551b1e343c75

## gistfile1.txt
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: agent-node-datastreams
  namespace: elastic-stack
  labels:
    app.kubernetes.io/name: agent-node-datastreams
    app.kubernetes.io/version: "7.16.2"
    app.kubernetes.io/managed-by: ansible
    app.kubernetes.io/component: elastic-agent
    app.kubernetes.io/part-of: elastic-stack
data:
  agent.yml: |-
    agent:
      logging:
        level: info
      monitoring:
        enabled: true
        use_output: default
        logs: true
        metrics: true

    #================================= Kubernetes Provider =================================
    #  Provides inventory information from Kubernetes.

    providers.kubernetes:
      node: ${NODE_NAME}

      # Specify the level for autodiscover.
      # scope can either take node or cluster as values.
      # node scope allows discovery of resources in the specified node.
      # cluster scope allows cluster wide discovery.
      # Only pod and node resources can be discovered at node scope.
      scope: node

    inputs:
      - name: system-metrics
        type: system/metrics
        use_output: default
        meta:
          package:
            name: system
            version: 0.10.9
        data_stream:
          namespace: default
        streams:

          - data_stream:
              dataset: system.core
              type: metrics
            metricsets:
              - core
            core.metrics:
              - percentages

          - data_stream:
              dataset: system.cpu
              type: metrics
            period: 10s
            cpu.metrics:
              - percentages
              - normalized_percentages
            metricsets:
              - cpu

          - data_stream:
              dataset: system.diskio
              type: metrics
            period: 10s
            diskio.include_devices: null
            metricsets:
              - diskio

          - data_stream:
              dataset: system.filesystem
              type: metrics
            period: 1m
            metricsets:
              - filesystem
            processors:
              - drop_event.when.regexp:
                  system.filesystem.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)

          - data_stream:
              dataset: system.fsstat
              type: metrics
            period: 1m
            metricsets:
              - fsstat
            processors:
              - drop_event.when.regexp:
                  system.fsstat.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)

          - data_stream:
              dataset: system.load
              type: metrics
            period: 10s
            metricsets:
              - load

          - data_stream:
              dataset: system.memory
              type: metrics
            period: 10s
            metricsets:
              - memory

          - data_stream:
              dataset: system.network
              type: metrics
            period: 10s
            network.interfaces: null
            metricsets:
              - network

          - data_stream:
              dataset: system.process
              type: metrics
            process.include_top_n.by_memory: 5
            period: 10s
            processes:
              - .*
            process.include_top_n.by_cpu: 5
            process.cgroups.enabled: false
            process.cmdline.cache.enabled: true
            metricsets:
              - process
            process.include_cpu_ticks: false
            system.hostfs: /hostfs

          - data_stream:
              dataset: system.process_summary
              type: metrics
            period: 10s
            metricsets:
              - process_summary
            system.hostfs: /hostfs

          - data_stream:
              dataset: system.socket_summary
              type: metrics
            period: 10s
            metricsets:
              - socket_summary
            system.hostfs: /hostfs
      - name: system-logs
        type: logfile
        use_output: default
        meta:
          package:
            name: system
            version: 0.10.7
        data_stream:
          namespace: default
        streams:

          - data_stream:
              dataset: system.auth
              type: logs
            paths:
              - /var/log/auth.log*
              - /var/log/secure*
            exclude_files:
              - .gz$
            multiline:
              pattern: ^\s
              match: after
            processors:
              - add_fields:
                  target: ''
                  fields:
                    ecs.version: 1.12.0

          - data_stream:
              dataset: system.syslog
              type: logs
            paths:
              - /var/log/messages*
              - /var/log/syslog*
            exclude_files:
              - .gz$
            multiline:
              pattern: ^\s
              match: after
            processors:
              - add_fields:
                  target: ''
                  fields:
                    ecs.version: 1.12.0
      - name: kubernetes-cluster-metrics
        condition: ${kubernetes_leaderelection.leader} == true
        type: kubernetes/metrics
        use_output: default
        meta:
          package:
            name: kubernetes
            version: 1.9.0
        data_stream:
          namespace: default
        streams:

          - data_stream:
              dataset: kubernetes.apiserver
              type: metrics
            metricsets:
              - apiserver
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            hosts:
              - 'https://kubernetes.default.svc.cluster.local:443'
            period: 30s
            ssl.certificate_authorities:
              - /var/run/secrets/kubernetes.io/serviceaccount/ca.crt

          - data_stream:
              dataset: kubernetes.event
              type: metrics
            metricsets:
              - event
            period: 10s
            add_metadata: true

          - data_stream:
              dataset: kubernetes.state_container
              type: metrics
            metricsets:
              - state_container
            add_metadata: true
            hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            ssl.certificate_authorities:
              - /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
            period: 10s

          - data_stream:
              dataset: kubernetes.state_cronjob
              type: metrics
            metricsets:
              - state_cronjob
            add_metadata: true
            hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            ssl.certificate_authorities:
              - /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
            period: 10s

          - data_stream:
              dataset: kubernetes.state_daemonset
              type: metrics
            metricsets:
              - state_daemonset
            add_metadata: true
            hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            ssl.certificate_authorities:
              - /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
            period: 10s

          - data_stream:
              dataset: kubernetes.state_deployment
              type: metrics
            metricsets:
              - state_deployment
            add_metadata: true
            hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            ssl.certificate_authorities:
              - /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
            period: 10s

          - data_stream:
              dataset: kubernetes.state_job
              type: metrics
            metricsets:
              - state_job
            add_metadata: true
            hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            ssl.certificate_authorities:
              - /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
            period: 10s

          - data_stream:
              dataset: kubernetes.state_node
              type: metrics
            metricsets:
              - state_node
            add_metadata: true
            hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            ssl.certificate_authorities:
              - /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
            period: 10s

          - data_stream:
              dataset: kubernetes.state_persistentvolume
              type: metrics
            metricsets:
              - state_persistentvolume
            add_metadata: true
            hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            ssl.certificate_authorities:
              - /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
            period: 10s

          - data_stream:
              dataset: kubernetes.state_persistentvolumeclaim
              type: metrics
            metricsets:
              - state_persistentvolumeclaim
            add_metadata: true
            hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            ssl.certificate_authorities:
              - /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
            period: 10s

          - data_stream:
              dataset: kubernetes.state_pod
              type: metrics
            metricsets:
              - state_pod
            add_metadata: true
            hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            ssl.certificate_authorities:
              - /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
            period: 10s

          - data_stream:
              dataset: kubernetes.state_replicaset
              type: metrics
            metricsets:
              - state_replicaset
            add_metadata: true
            hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            ssl.certificate_authorities:
              - /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
            period: 10s

          - data_stream:
              dataset: kubernetes.state_resourcequota
              type: metrics
            metricsets:
              - state_resourcequota
            add_metadata: true
            hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            ssl.certificate_authorities:
              - /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
            period: 10s

          - data_stream:
              dataset: kubernetes.state_service
              type: metrics
            metricsets:
              - state_service
            add_metadata: true
            hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            ssl.certificate_authorities:
              - /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
            period: 10s

          - data_stream:
              dataset: kubernetes.state_statefulset
              type: metrics
            metricsets:
              - state_statefulset
            add_metadata: true
            hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            ssl.certificate_authorities:
              - /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
            period: 10s

          - data_stream:
              dataset: kubernetes.state_storageclass
              type: metrics
            metricsets:
              - state_storageclass
            add_metadata: true
            hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            ssl.certificate_authorities:
              - /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
            period: 10s
      - name: kubernetes-node-metrics
        type: kubernetes/metrics
        use_output: default
        meta:
          package:
            name: kubernetes
            version: 1.9.0
        data_stream:
          namespace: default
        streams:

          - data_stream:
              dataset: kubernetes.controllermanager
              type: metrics
            metricsets:
              - controllermanager
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            hosts:
              - 'https://${kubernetes.pod.ip}:10257'
            period: 10s
            ssl.verification_mode: none
            # condition: ${kubernetes.labels.component} == 'kube-controller-manager'
            condition: ${kubernetes.labels.app} == 'kube-controller-manager'

          - data_stream:
              dataset: kubernetes.scheduler
              type: metrics
            metricsets:
              - scheduler
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            hosts:
              - 'https://${kubernetes.pod.ip}:10259'
            period: 10s
            ssl.verification_mode: none
            # condition: ${kubernetes.labels.component} == 'kube-scheduler'
            condition: ${kubernetes.labels.app} == 'openshift-kube-scheduler'
          - data_stream:
              dataset: kubernetes.proxy
              type: metrics
            metricsets:
              - proxy
            hosts:
              # Kubernetes
              # - 'localhost:10249'
              # Openshift
              - 'localhost:29101'
            period: 10s

          - data_stream:
              dataset: kubernetes.container
              type: metrics
            metricsets:
              - container
            add_metadata: true
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            ssl.certificate_authorities:
              - /kubelet-serving-ca/ca-bundle.crt
            hosts:
              - 'https://${env.NODE_NAME}:10250'
            period: 10s

          - data_stream:
              dataset: kubernetes.node
              type: metrics
            metricsets:
              - node
            add_metadata: true
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            ssl.certificate_authorities:
              - /kubelet-serving-ca/ca-bundle.crt
            hosts:
              - 'https://${env.NODE_NAME}:10250'
            period: 10s

          - data_stream:
              dataset: kubernetes.pod
              type: metrics
            metricsets:
              - pod
            add_metadata: true
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            ssl.certificate_authorities:
              - /kubelet-serving-ca/ca-bundle.crt
            hosts:
              - 'https://${env.NODE_NAME}:10250'
            period: 10s

          - data_stream:
              dataset: kubernetes.system
              type: metrics
            metricsets:
              - system
            add_metadata: true
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            ssl.certificate_authorities:
              - /kubelet-serving-ca/ca-bundle.crt
            hosts:
              - 'https://${env.NODE_NAME}:10250'
            period: 10s

          - data_stream:
              dataset: kubernetes.volume
              type: metrics
            metricsets:
              - volume
            add_metadata: true
            bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
            ssl.certificate_authorities:
              - /kubelet-serving-ca/ca-bundle.crt
            hosts:
              - 'https://${env.NODE_NAME}:10250'
            period: 10s
      - name: container-log
        type: filestream
        use_output: default
        meta:
          package:
            name: kubernetes
            version: 1.9.0
        data_stream:
          namespace: default
        streams:
          - data_stream:
              dataset: kubernetes.container_logs
              type: logs
            prospector.scanner.symlinks: true
            parsers:
              - container: ~
              # - ndjson:
              #     target: json
              # - multiline:
              #     type: pattern
              #     pattern: '^\['
              #     negate: true
              #     match: after
            paths:
              # Docker
              # - /var/log/containers/*${kubernetes.container.id}.log
              # CRI-O
              - /var/log/pods/${kubernetes.namespace}_${kubernetes.pod.name}_${kubernetes.pod.uid}/${kubernetes.container.name}/*.log


    outputs:
      default:
        type: elasticsearch

        # The enabled config is a boolean setting to enable or disable the output.
        # If set to false, the output is disabled.
        # The default value is true.
        enabled: true

        # The list of Elasticsearch nodes to connect to.
        # The events are distributed to these nodes in round robin order.
        # If one node becomes unreachable, the event is automatically sent to another node.
        # Each Elasticsearch node can be defined as a URL or IP:PORT.
        hosts: ['https://elasticsearch-master-headless:9200']

        # To disable SSL configuration, set the value to false. The default value is true.
        ssl.enabled: true

        # The list of root certificates for verifications is required.
        # If certificate_authorities is empty or not set, the system keystore is used.
        # If certificate_authorities is self-signed, the host system needs to trust that CA cert as well.
        ssl.certificate_authorities: /etc/pki/elastic-agent/client-ca.crt

        # The path to the certificate for SSL client authentication is only required if client_authentication is specified.
        # If the certificate is not specified, client authentication is not available.
        # The connection might fail if the server requests client authentication.
        # If the SSL server does not require client authentication, the certificate will be loaded, but not requested or used by the server.
        ssl.certificate: "/etc/pki/elastic-agent/client.crt"

        # The client certificate key used for client authentication and is only required if client_authentication is configured.

        ssl.key: "/etc/pki/elastic-agent/client.key"

        # The passphrase used to decrypt an encrypted key stored in the configured key file.
        # ssl.key_passphrase: ""

        # Controls the verification of server certificates.
        # Valid values are:
        #full
          # Verifies that the provided certificate is signed by a trusted authority (CA) and also verifies that the server’s hostname (or IP address) matches the names identified within the certificate.
        # strict
          # Verifies that the provided certificate is signed by a trusted authority (CA) and also verifies that the server’s hostname (or IP address) matches the names identified within the certificate.
          # If the Subject Alternative Name is empty, it returns an error.
        # certificate
          # Verifies that the provided certificate is signed by a trusted authority (CA), but does not perform any hostname verification.
        # none
          # Performs no verification of the server’s certificate.
          # This mode disables many of the security benefits of SSL/TLS and should only be used after cautious consideration.
          # It is primarily intended as a temporary diagnostic mechanism when attempting to resolve TLS errors; its use in production environments is strongly discouraged.
        # The default value is full.
        ssl.verification_mode: full
	---
	apiVersion: v1
	kind: ConfigMap
	metadata:
	name: agent-node-datastreams
	namespace: elastic-stack
	labels:
	app.kubernetes.io/name: agent-node-datastreams
	app.kubernetes.io/version: "7.16.2"
	app.kubernetes.io/managed-by: ansible
	app.kubernetes.io/component: elastic-agent
	app.kubernetes.io/part-of: elastic-stack
	data:
	agent.yml: \|-
	agent:
	logging:
	level: info
	monitoring:
	enabled: true
	use_output: default
	logs: true
	metrics: true

	#================================= Kubernetes Provider =================================
	# Provides inventory information from Kubernetes.

	providers.kubernetes:
	node: ${NODE_NAME}

	# Specify the level for autodiscover.
	# scope can either take node or cluster as values.
	# node scope allows discovery of resources in the specified node.
	# cluster scope allows cluster wide discovery.
	# Only pod and node resources can be discovered at node scope.
	scope: node

	inputs:
	- name: system-metrics
	type: system/metrics
	use_output: default
	meta:
	package:
	name: system
	version: 0.10.9
	data_stream:
	namespace: default
	streams:

	- data_stream:
	dataset: system.core
	type: metrics
	metricsets:
	- core
	core.metrics:
	- percentages

	- data_stream:
	dataset: system.cpu
	type: metrics
	period: 10s
	cpu.metrics:
	- percentages
	- normalized_percentages
	metricsets:
	- cpu

	- data_stream:
	dataset: system.diskio
	type: metrics
	period: 10s
	diskio.include_devices: null
	metricsets:
	- diskio

	- data_stream:
	dataset: system.filesystem
	type: metrics
	period: 1m
	metricsets:
	- filesystem
	processors:
	- drop_event.when.regexp:
	system.filesystem.mount_point: ^/(sys\|cgroup\|proc\|dev\|etc\|host\|lib\|snap)($\|/)

	- data_stream:
	dataset: system.fsstat
	type: metrics
	period: 1m
	metricsets:
	- fsstat
	processors:
	- drop_event.when.regexp:
	system.fsstat.mount_point: ^/(sys\|cgroup\|proc\|dev\|etc\|host\|lib\|snap)($\|/)

	- data_stream:
	dataset: system.load
	type: metrics
	period: 10s
	metricsets:
	- load

	- data_stream:
	dataset: system.memory
	type: metrics
	period: 10s
	metricsets:
	- memory

	- data_stream:
	dataset: system.network
	type: metrics
	period: 10s
	network.interfaces: null
	metricsets:
	- network

	- data_stream:
	dataset: system.process
	type: metrics
	process.include_top_n.by_memory: 5
	period: 10s
	processes:
	- .*
	process.include_top_n.by_cpu: 5
	process.cgroups.enabled: false
	process.cmdline.cache.enabled: true
	metricsets:
	- process
	process.include_cpu_ticks: false
	system.hostfs: /hostfs

	- data_stream:
	dataset: system.process_summary
	type: metrics
	period: 10s
	metricsets:
	- process_summary
	system.hostfs: /hostfs

	- data_stream:
	dataset: system.socket_summary
	type: metrics
	period: 10s
	metricsets:
	- socket_summary
	system.hostfs: /hostfs
	- name: system-logs
	type: logfile
	use_output: default
	meta:
	package:
	name: system
	version: 0.10.7
	data_stream:
	namespace: default
	streams:

	- data_stream:
	dataset: system.auth
	type: logs
	paths:
	- /var/log/auth.log*
	- /var/log/secure*
	exclude_files:
	- .gz$
	multiline:
	pattern: ^\s
	match: after
	processors:
	- add_fields:
	target: ''
	fields:
	ecs.version: 1.12.0

	- data_stream:
	dataset: system.syslog
	type: logs
	paths:
	- /var/log/messages*
	- /var/log/syslog*
	exclude_files:
	- .gz$
	multiline:
	pattern: ^\s
	match: after
	processors:
	- add_fields:
	target: ''
	fields:
	ecs.version: 1.12.0
	- name: kubernetes-cluster-metrics
	condition: ${kubernetes_leaderelection.leader} == true
	type: kubernetes/metrics
	use_output: default
	meta:
	package:
	name: kubernetes
	version: 1.9.0
	data_stream:
	namespace: default
	streams:

	- data_stream:
	dataset: kubernetes.apiserver
	type: metrics
	metricsets:
	- apiserver
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	hosts:
	- 'https://kubernetes.default.svc.cluster.local:443'
	period: 30s
	ssl.certificate_authorities:
	- /var/run/secrets/kubernetes.io/serviceaccount/ca.crt

	- data_stream:
	dataset: kubernetes.event
	type: metrics
	metricsets:
	- event
	period: 10s
	add_metadata: true

	- data_stream:
	dataset: kubernetes.state_container
	type: metrics
	metricsets:
	- state_container
	add_metadata: true
	hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	ssl.certificate_authorities:
	- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
	period: 10s

	- data_stream:
	dataset: kubernetes.state_cronjob
	type: metrics
	metricsets:
	- state_cronjob
	add_metadata: true
	hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	ssl.certificate_authorities:
	- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
	period: 10s

	- data_stream:
	dataset: kubernetes.state_daemonset
	type: metrics
	metricsets:
	- state_daemonset
	add_metadata: true
	hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	ssl.certificate_authorities:
	- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
	period: 10s

	- data_stream:
	dataset: kubernetes.state_deployment
	type: metrics
	metricsets:
	- state_deployment
	add_metadata: true
	hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	ssl.certificate_authorities:
	- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
	period: 10s

	- data_stream:
	dataset: kubernetes.state_job
	type: metrics
	metricsets:
	- state_job
	add_metadata: true
	hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	ssl.certificate_authorities:
	- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
	period: 10s

	- data_stream:
	dataset: kubernetes.state_node
	type: metrics
	metricsets:
	- state_node
	add_metadata: true
	hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	ssl.certificate_authorities:
	- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
	period: 10s

	- data_stream:
	dataset: kubernetes.state_persistentvolume
	type: metrics
	metricsets:
	- state_persistentvolume
	add_metadata: true
	hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	ssl.certificate_authorities:
	- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
	period: 10s

	- data_stream:
	dataset: kubernetes.state_persistentvolumeclaim
	type: metrics
	metricsets:
	- state_persistentvolumeclaim
	add_metadata: true
	hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	ssl.certificate_authorities:
	- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
	period: 10s

	- data_stream:
	dataset: kubernetes.state_pod
	type: metrics
	metricsets:
	- state_pod
	add_metadata: true
	hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	ssl.certificate_authorities:
	- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
	period: 10s

	- data_stream:
	dataset: kubernetes.state_replicaset
	type: metrics
	metricsets:
	- state_replicaset
	add_metadata: true
	hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	ssl.certificate_authorities:
	- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
	period: 10s

	- data_stream:
	dataset: kubernetes.state_resourcequota
	type: metrics
	metricsets:
	- state_resourcequota
	add_metadata: true
	hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	ssl.certificate_authorities:
	- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
	period: 10s

	- data_stream:
	dataset: kubernetes.state_service
	type: metrics
	metricsets:
	- state_service
	add_metadata: true
	hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	ssl.certificate_authorities:
	- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
	period: 10s

	- data_stream:
	dataset: kubernetes.state_statefulset
	type: metrics
	metricsets:
	- state_statefulset
	add_metadata: true
	hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	ssl.certificate_authorities:
	- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
	period: 10s

	- data_stream:
	dataset: kubernetes.state_storageclass
	type: metrics
	metricsets:
	- state_storageclass
	add_metadata: true
	hosts: ["https://kube-state-metrics.openshift-monitoring.svc:8443"]
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	ssl.certificate_authorities:
	- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
	period: 10s
	- name: kubernetes-node-metrics
	type: kubernetes/metrics
	use_output: default
	meta:
	package:
	name: kubernetes
	version: 1.9.0
	data_stream:
	namespace: default
	streams:

	- data_stream:
	dataset: kubernetes.controllermanager
	type: metrics
	metricsets:
	- controllermanager
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	hosts:
	- 'https://${kubernetes.pod.ip}:10257'
	period: 10s
	ssl.verification_mode: none
	# condition: ${kubernetes.labels.component} == 'kube-controller-manager'
	condition: ${kubernetes.labels.app} == 'kube-controller-manager'

	- data_stream:
	dataset: kubernetes.scheduler
	type: metrics
	metricsets:
	- scheduler
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	hosts:
	- 'https://${kubernetes.pod.ip}:10259'
	period: 10s
	ssl.verification_mode: none
	# condition: ${kubernetes.labels.component} == 'kube-scheduler'
	condition: ${kubernetes.labels.app} == 'openshift-kube-scheduler'
	- data_stream:
	dataset: kubernetes.proxy
	type: metrics
	metricsets:
	- proxy
	hosts:
	# Kubernetes
	# - 'localhost:10249'
	# Openshift
	- 'localhost:29101'
	period: 10s

	- data_stream:
	dataset: kubernetes.container
	type: metrics
	metricsets:
	- container
	add_metadata: true
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	ssl.certificate_authorities:
	- /kubelet-serving-ca/ca-bundle.crt
	hosts:
	- 'https://${env.NODE_NAME}:10250'
	period: 10s

	- data_stream:
	dataset: kubernetes.node
	type: metrics
	metricsets:
	- node
	add_metadata: true
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	ssl.certificate_authorities:
	- /kubelet-serving-ca/ca-bundle.crt
	hosts:
	- 'https://${env.NODE_NAME}:10250'
	period: 10s

	- data_stream:
	dataset: kubernetes.pod
	type: metrics
	metricsets:
	- pod
	add_metadata: true
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	ssl.certificate_authorities:
	- /kubelet-serving-ca/ca-bundle.crt
	hosts:
	- 'https://${env.NODE_NAME}:10250'
	period: 10s

	- data_stream:
	dataset: kubernetes.system
	type: metrics
	metricsets:
	- system
	add_metadata: true
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	ssl.certificate_authorities:
	- /kubelet-serving-ca/ca-bundle.crt
	hosts:
	- 'https://${env.NODE_NAME}:10250'
	period: 10s

	- data_stream:
	dataset: kubernetes.volume
	type: metrics
	metricsets:
	- volume
	add_metadata: true
	bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	ssl.certificate_authorities:
	- /kubelet-serving-ca/ca-bundle.crt
	hosts:
	- 'https://${env.NODE_NAME}:10250'
	period: 10s
	- name: container-log
	type: filestream
	use_output: default
	meta:
	package:
	name: kubernetes
	version: 1.9.0
	data_stream:
	namespace: default
	streams:
	- data_stream:
	dataset: kubernetes.container_logs
	type: logs
	prospector.scanner.symlinks: true
	parsers:
	- container: ~
	# - ndjson:
	# target: json
	# - multiline:
	# type: pattern
	# pattern: '^\['
	# negate: true
	# match: after
	paths:
	# Docker
	# - /var/log/containers/*${kubernetes.container.id}.log
	# CRI-O
	- /var/log/pods/${kubernetes.namespace}_${kubernetes.pod.name}_${kubernetes.pod.uid}/${kubernetes.container.name}/*.log


	outputs:
	default:
	type: elasticsearch

	# The enabled config is a boolean setting to enable or disable the output.
	# If set to false, the output is disabled.
	# The default value is true.
	enabled: true

	# The list of Elasticsearch nodes to connect to.
	# The events are distributed to these nodes in round robin order.
	# If one node becomes unreachable, the event is automatically sent to another node.
	# Each Elasticsearch node can be defined as a URL or IP:PORT.
	hosts: ['https://elasticsearch-master-headless:9200']

	# To disable SSL configuration, set the value to false. The default value is true.
	ssl.enabled: true

	# The list of root certificates for verifications is required.
	# If certificate_authorities is empty or not set, the system keystore is used.
	# If certificate_authorities is self-signed, the host system needs to trust that CA cert as well.
	ssl.certificate_authorities: /etc/pki/elastic-agent/client-ca.crt

	# The path to the certificate for SSL client authentication is only required if client_authentication is specified.
	# If the certificate is not specified, client authentication is not available.
	# The connection might fail if the server requests client authentication.
	# If the SSL server does not require client authentication, the certificate will be loaded, but not requested or used by the server.
	ssl.certificate: "/etc/pki/elastic-agent/client.crt"

	# The client certificate key used for client authentication and is only required if client_authentication is configured.

	ssl.key: "/etc/pki/elastic-agent/client.key"

	# The passphrase used to decrypt an encrypted key stored in the configured key file.
	# ssl.key_passphrase: ""

	# Controls the verification of server certificates.
	# Valid values are:
	#full
	# Verifies that the provided certificate is signed by a trusted authority (CA) and also verifies that the server’s hostname (or IP address) matches the names identified within the certificate.
	# strict
	# Verifies that the provided certificate is signed by a trusted authority (CA) and also verifies that the server’s hostname (or IP address) matches the names identified within the certificate.
	# If the Subject Alternative Name is empty, it returns an error.
	# certificate
	# Verifies that the provided certificate is signed by a trusted authority (CA), but does not perform any hostname verification.
	# none
	# Performs no verification of the server’s certificate.
	# This mode disables many of the security benefits of SSL/TLS and should only be used after cautious consideration.
	# It is primarily intended as a temporary diagnostic mechanism when attempting to resolve TLS errors; its use in production environments is strongly discouraged.
	# The default value is full.
	ssl.verification_mode: full