kimsyversen/gist:a8c35029da067a50222cb85ab8e6a489

## gistfile1.txt

cat << EOF > client_install.sh

# Dashboards for Kibana is available in filebeat
# Src https://logz.io/blog/shipping-logs-filebeat/

# Add beats repo
echo "deb https://packages.elastic.co/beats/apt stable main" | sudo tee -a /etc/apt/sources.list.d/beats.list

# Install filebeat
sudo apt-get update && sudo apt-get install filebeat

# Load index template
#filebeat setup --template -E output.logstash.enabled=false -E 'output.elasticsearch.hosts=["localhost:9200"]'

# Load beats dashboard in Kibana
#filebeat setup --dashboards
EOF


cat << EOF > copy_to_etcfilebeat_filebeat.yml
filebeat.prospectors:

# Each - is a prospector. Most options can be set at the prospector level, so
# you can use different prospectors for various configurations.
# Below are the prospector specific configurations.

- type: log
  enabled: true
  paths:
    - /var/log/*.log
    #- c:\programdata\elasticsearch\logs\*

#============================= Filebeat modules ===============================

filebeat.config.modules:
  # Glob pattern for configuration loading
  path: ${path.config}/modules.d/*.yml

  # Set to true to enable config reloading
  reload.enabled: false

  # Period on which files under path should be checked for changes
  #reload.period: 10s

#==================== Elasticsearch template setting ==========================

setup.template.settings:
  index.number_of_shards: 3
  #index.codec: best_compression
  #_source.enabled: false

#============================== Kibana =====================================

# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API.
# This requires a Kibana endpoint configuration.
setup.kibana:

  # Kibana Host
  # Scheme and port can be left out and will be set to the default (http and 5601)
  # In case you specify and additional path, the scheme is required: http://localhost:5601/path
  # IPv6 addresses should always be defined as: https://[2001:db8::1]:5601
  host: "192.168.1.62:5601"
  username: "admin"
  password: "password"

#================================ Outputs =====================================

# Configure what output to use when sending the data collected by the beat.

#-------------------------- Elasticsearch output ------------------------------
#output.elasticsearch:
  # Array of hosts to connect to.
  #hosts: ["192.168.1.62:9200"]

  # Optional protocol and basic auth credentials.
  #protocol: "https"
  #username: "elastic"
  #password: "changeme"

#----------------------------- Logstash output --------------------------------
output.logstash:
  # The Logstash hosts
  hosts: ["192.168.1.62:5044"]

  # Optional SSL. By default is off.
  # List of root certificates for HTTPS server verifications
  #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"]

  # Certificate for SSL client authentication
  #ssl.certificate: "/etc/pki/client/cert.pem"

  # Client Certificate Key
  #ssl.key: "/etc/pki/client/cert.key"
EOF

	cat << EOF > client_install.sh

	# Dashboards for Kibana is available in filebeat
	# Src https://logz.io/blog/shipping-logs-filebeat/

	# Add beats repo
	echo "deb https://packages.elastic.co/beats/apt stable main" \| sudo tee -a /etc/apt/sources.list.d/beats.list

	# Install filebeat
	sudo apt-get update && sudo apt-get install filebeat

	# Load index template
	#filebeat setup --template -E output.logstash.enabled=false -E 'output.elasticsearch.hosts=["localhost:9200"]'

	# Load beats dashboard in Kibana
	#filebeat setup --dashboards
	EOF


	cat << EOF > copy_to_etcfilebeat_filebeat.yml
	filebeat.prospectors:

	# Each - is a prospector. Most options can be set at the prospector level, so
	# you can use different prospectors for various configurations.
	# Below are the prospector specific configurations.

	- type: log
	enabled: true
	paths:
	- /var/log/*.log
	#- c:\programdata\elasticsearch\logs\*

	#============================= Filebeat modules ===============================

	filebeat.config.modules:
	# Glob pattern for configuration loading
	path: ${path.config}/modules.d/*.yml

	# Set to true to enable config reloading
	reload.enabled: false

	# Period on which files under path should be checked for changes
	#reload.period: 10s

	#==================== Elasticsearch template setting ==========================

	setup.template.settings:
	index.number_of_shards: 3
	#index.codec: best_compression
	#_source.enabled: false

	#============================== Kibana =====================================

	# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API.
	# This requires a Kibana endpoint configuration.
	setup.kibana:

	# Kibana Host
	# Scheme and port can be left out and will be set to the default (http and 5601)
	# In case you specify and additional path, the scheme is required: http://localhost:5601/path
	# IPv6 addresses should always be defined as: https://[2001:db8::1]:5601
	host: "192.168.1.62:5601"
	username: "admin"
	password: "password"

	#================================ Outputs =====================================

	# Configure what output to use when sending the data collected by the beat.

	#-------------------------- Elasticsearch output ------------------------------
	#output.elasticsearch:
	# Array of hosts to connect to.
	#hosts: ["192.168.1.62:9200"]

	# Optional protocol and basic auth credentials.
	#protocol: "https"
	#username: "elastic"
	#password: "changeme"

	#----------------------------- Logstash output --------------------------------
	output.logstash:
	# The Logstash hosts
	hosts: ["192.168.1.62:5044"]

	# Optional SSL. By default is off.
	# List of root certificates for HTTPS server verifications
	#ssl.certificate_authorities: ["/etc/pki/root/ca.pem"]

	# Certificate for SSL client authentication
	#ssl.certificate: "/etc/pki/client/cert.pem"

	# Client Certificate Key
	#ssl.key: "/etc/pki/client/cert.key"
	EOF