michaelhyatt/docker-compose.yml

## docker-compose.yml
---
version: '3.6'
services:
  # The environment variable "TAG" is used throughout this file to
  # specify the version of the images to run. The default is set in the
  # '.env' file in this folder. It can be overridden with any normal
  # technique for setting environment variables, for example:
  #
  #   TAG=6.0.0-beta1 docker-compose up
  #
  # REF: https://docs.docker.com/compose/compose-file/#variable-substitution
  #
  # Also be sure to set the ELASTIC_VERSION variable. For released versions,
  # ${TAG} and ${ELASTIC_VERSION} will be identical, but for pre-release
  # versions, ${TAG} might contain an extra build identifier, like
  # "6.0.0-beta1-3eab5b40", so a full invocation might look like:
  #
  #   ELASTIC_VERSION=6.0.0-beta1 TAG=6.0.0-beta1-3eab5b40 docker-compose up
  #
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:${TAG}
    container_name: elasticsearch
    # secrets:
    #   - source: ca.crt
    #     target: /usr/share/elasticsearch/config/certs/ca/ca.crt
    #   - source: elasticsearch.yml
    #     target: /usr/share/elasticsearch/config/elasticsearch.yml
    #   - source: elasticsearch.keystore
    #     target: /usr/share/elasticsearch/config/elasticsearch.keystore
    #   - source: elasticsearch.key
    #     target: /usr/share/elasticsearch/config/certs/elasticsearch/elasticsearch.key
    #   - source: elasticsearch.crt
    #     target: /usr/share/elasticsearch/config/certs/elasticsearch/elasticsearch.crt
    ports: ['9200:9200']
    networks: ['stack']
    # volumes:
    #   - 'es_data:/usr/share/elasticsearch/data'
    #   - './scripts/setup-users.sh:/usr/local/bin/setup-users.sh:ro'
    # healthcheck:
    #   test: curl --cacert /usr/share/elasticsearch/config/certs/ca/ca.crt -s https://localhost:9200 >/dev/null; if [[ $$? == 52 ]]; then echo 0; else echo 1; fi
    #   interval: 30s
    #   timeout: 10s
    #   retries: 5

  kibana:
    image: docker.elastic.co/kibana/kibana:${TAG}
    container_name: kibana
    # secrets:
    #   - source: kibana.yml
    #     target: /usr/share/kibana/config/kibana.yml
    #   - source: kibana.keystore
    #     target: /usr/share/kibana/data/kibana.keystore
    #   - source: ca.crt
    #     target: /usr/share/kibana/config/certs/ca/ca.crt
    #   - source: kibana.key
    #     target: /usr/share/kibana/config/certs/kibana/kibana.key
    #   - source: kibana.crt
    #     target: /usr/share/kibana/config/certs/kibana/kibana.crt
    ports: ['5601:5601']
    networks: ['stack']
    depends_on: ['elasticsearch']
    # healthcheck:
    #   test: curl --cacert /usr/share/elasticsearch/config/certs/ca/ca.crt -s https://localhost:5601 >/dev/null; if [[ $$? == 52 ]]; then echo 0; else echo 1; fi
    #   interval: 30s
    #   timeout: 10s
    #   retries: 5

  # logstash:
  #   image: docker.elastic.co/logstash/logstash:${TAG}
  #   container_name: logstash
  #   secrets:
  #     - source: logstash.conf
  #       target: /usr/share/logstash/pipeline/logstash.conf
  #     - source: logstash.yml
  #       target: /usr/share/logstash/config/logstash.yml
  #     - source: logstash.keystore
  #       target: /usr/share/logstash/config/logstash.keystore
  #     - source: ca.crt
  #       target: /usr/share/logstash/config/certs/ca/ca.crt
  #   networks: ['stack']
  #   depends_on: ['elasticsearch']
  #   healthcheck:
  #     test: bin/logstash -t
  #     interval: 60s
  #     timeout: 50s
  #     retries: 5

  # auditbeat:
  #   image: docker.elastic.co/beats/auditbeat:${TAG}
  #   container_name: auditbeat
  #   command: -e --strict.perms=false # -e flag to log to stderr and disable syslog/file output
  #   cap_add: ['AUDIT_CONTROL', 'AUDIT_READ']
  #   secrets:
  #     - source: auditbeat.yml
  #       target: /usr/share/auditbeat/auditbeat.yml
  #     - source: auditbeat.keystore
  #       target: /usr/share/auditbeat/auditbeat.keystore
  #     - source: ca.crt
  #       target: /usr/share/auditbeat/certs/ca/ca.crt
  #   # Auditbeat must run in the main process namespace.
  #   pid: host
  #   volumes:
  #     - './scripts/setup-beat.sh:/usr/local/bin/setup-beat.sh:ro'
  #   networks: ['stack']
  #   depends_on: ['elasticsearch', 'kibana']
  #   healthcheck:
  #     test: auditbeat --strict.perms=false test config
  #     interval: 30s
  #     timeout: 15s
  #     retries: 5
  #
  # filebeat:
  #   image: docker.elastic.co/beats/filebeat:${TAG}
  #   container_name: filebeat
  #   command: --strict.perms=false -e  # -e flag to log to stderr and disable syslog/file output
  #   # If the host system has logs at "/var/log", mount them at "/mnt/log"
  #   # inside the container, where Filebeat can find them.
  #   # volumes: ['/var/log:/mnt/log:ro']
  #   secrets:
  #     - source: filebeat.yml
  #       target: /usr/share/filebeat/filebeat.yml
  #     - source: filebeat.keystore
  #       target: /usr/share/filebeat/filebeat.keystore
  #     - source: ca.crt
  #       target: /usr/share/filebeat/certs/ca/ca.crt
  #   volumes:
  #     - './scripts/setup-beat.sh:/usr/local/bin/setup-beat.sh:ro'
  #   networks: ['stack']
  #   depends_on: ['elasticsearch', 'kibana']
  #   healthcheck:
  #     test: filebeat test config
  #     interval: 30s
  #     timeout: 15s
  #     retries: 5
  #
  # heartbeat:
  #   image: docker.elastic.co/beats/heartbeat:${TAG}
  #   container_name: heartbeat
  #   command: --strict.perms=false -e  # -e flag to log to stderr and disable syslog/file output
  #   secrets:
  #     - source: heartbeat.yml
  #       target: /usr/share/heartbeat/heartbeat.yml
  #     - source: heartbeat.keystore
  #       target: /usr/share/heartbeat/heartbeat.keystore
  #     - source: ca.crt
  #       target: /usr/share/heartbeat/certs/ca/ca.crt
  #   volumes:
  #     - './scripts/setup-beat.sh:/usr/local/bin/setup-beat.sh:ro'
  #   networks: ['stack']
  #   depends_on: ['elasticsearch', 'kibana']
  #   healthcheck:
  #     test: heartbeat test config
  #     interval: 30s
  #     timeout: 15s
  #     retries: 5
  #
  # metricbeat:
  #   image: docker.elastic.co/beats/metricbeat:${TAG}
  #   container_name: metricbeat
  #   # The commented sections below enable Metricbeat to monitor the Docker host,
  #   # rather than the Metricbeat container. It's problematic with Docker for
  #   # Windows, however, since "/proc", "/sys" etc. don't exist on Windows.
  #   # The same likely applies to OSX (needs testing).
  #   # volumes:
  #   #   - /proc:/hostfs/proc:ro
  #   #   - /sys/fs/cgroup:/hostfs/sys/fs/cgroup:ro
  #   #   - /:/hostfs:ro
  #   command: --strict.perms=false -e  # -e flag to log to stderr and disable syslog/file output
  #   secrets:
  #     - source: metricbeat.yml
  #       target: /usr/share/metricbeat/metricbeat.yml
  #     - source: metricbeat.keystore
  #       target: /usr/share/metricbeat/metricbeat.keystore
  #     - source: ca.crt
  #       target: /usr/share/metricbeat/certs/ca/ca.crt
  #   volumes:
  #     - './scripts/setup-beat.sh:/usr/local/bin/setup-beat.sh:ro'
  #   networks: ['stack']
  #   depends_on: ['elasticsearch', 'kibana']
  #   healthcheck:
  #     test: metricbeat test config
  #     interval: 30s
  #     timeout: 15s
  #     retries: 5
  #
  # packetbeat:
  #   image: docker.elastic.co/beats/packetbeat:${TAG}
  #   container_name: packetbeat
  #   # Packetbeat needs some elevated privileges to capture network traffic.
  #   # We'll grant them with POSIX capabilities.
  #   cap_add: ['NET_RAW', 'NET_ADMIN']
  #   # Use "host mode" networking to allow Packetbeat to capture traffic from
  #   # the real network interface on the host, rather than being isolated to the
  #   # container's virtual interface.
  #   network_mode: host
  #   # Since we did that, Packetbeat is not part of the "stack" Docker network
  #   # that the other containers are connected to, and thus can't resolve the
  #   # hostname "elasticsearch". Instead, we'll tell it to find Elasticsearch
  #   # on "localhost", which is the Docker host machine in this context.
  #   command: -e -E 'output.elasticsearch.hosts=["localhost:9200"]'
  #   depends_on: ['elasticsearch']
  #   command: --strict.perms=false -e -E output.elasticsearch.hosts="https://localhost:9200" # -e flag to log to stderr and disable syslog/file output
  #   secrets:
  #     - source: packetbeat.yml
  #       target: /usr/share/packetbeat/packetbeat.yml
  #     - source: packetbeat.keystore
  #       target: /usr/share/packetbeat/packetbeat.keystore
  #     - source: ca.crt
  #       target: /usr/share/packetbeat/certs/ca/ca.crt
  #   volumes:
  #     - './scripts/setup-beat.sh:/usr/local/bin/setup-beat.sh:ro'
  #   depends_on: ['elasticsearch', 'kibana']
  #   healthcheck:
  #     test: packetbeat test config
  #     interval: 30s
  #     timeout: 15s
  #     retries: 5

  apm-server:
    image: docker.elastic.co/apm/apm-server:${TAG}
    container_name: apm_server
    ports: ['8200:8200']
    networks: ['stack']
    command: --strict.perms=false -e  # -e flag to log to stderr and disable syslog/file output
    # secrets:
    #   - source: apm-server.yml
    #     target: /usr/share/apm-server/apm-server.yml
    #   - source: apm-server.keystore
    #     target: /usr/share/apm-server/apm-server.keystore
    #   - source: ca.crt
    #     target: /usr/share/apm-server/certs/ca/ca.crt
    # volumes:
    #   - './scripts/setup-beat.sh:/usr/local/bin/setup-beat.sh:ro'
    depends_on: ['elasticsearch', 'kibana']
    # healthcheck:
    #   test: curl --cacert /usr/share/elasticsearch/config/certs/ca/ca.crt -s https://localhost:8200/healthcheck >/dev/null; if [[ $$? == 52 ]]; then echo 0; else echo 1; fi
    #   interval: 30s
    #   timeout: 10s
    #   retries: 5

networks: {stack: {}}
# use docker volume to persist ES data outside of a container.
volumes:
  es_data:

# secrets:
#   ca.crt:
#     file: ./config/ssl/ca/ca.crt
#   logstash.yml:
#     file: ./config/logstash/logstash.yml
#   logstash.keystore:
#     file: ./config/logstash/logstash.keystore
#   logstash.conf:
#     file: ./config/logstash/pipeline/logstash.conf
#   elasticsearch.yml:
#     file: ./config/elasticsearch/elasticsearch.yml
#   elasticsearch.keystore:
#     file: ./config/elasticsearch/elasticsearch.keystore
#   elasticsearch.key:
#     file: ./config/elasticsearch/elasticsearch.key
#   elasticsearch.crt:
#     file: ./config/elasticsearch/elasticsearch.crt
#   elasticsearch.p12:
#     file: ./config/elasticsearch/elasticsearch.p12
#   kibana.yml:
#     file: ./config/kibana/kibana.yml
#   kibana.keystore:
#     file: ./config/kibana/kibana.keystore
#   kibana.key:
#     file: ./config/kibana/kibana.key
#   kibana.crt:
#     file: ./config/kibana/kibana.crt
#   auditbeat.yml:
#     file: ./config/auditbeat/auditbeat.yml
#   auditbeat.keystore:
#     file: ./config/auditbeat/auditbeat.keystore
#   filebeat.yml:
#     file: ./config/filebeat/filebeat.yml
#   filebeat.keystore:
#     file: ./config/filebeat/filebeat.keystore
#   heartbeat.yml:
#     file: ./config/heartbeat/heartbeat.yml
#   heartbeat.keystore:
#     file: ./config/heartbeat/heartbeat.keystore
#   metricbeat.yml:
#     file: ./config/metricbeat/metricbeat.yml
#   metricbeat.keystore:
#     file: ./config/metricbeat/metricbeat.keystore
#   packetbeat.yml:
#     file: ./config/packetbeat/packetbeat.yml
#   packetbeat.keystore:
#     file: ./config/packetbeat/packetbeat.keystore
#   apm-server.yml:
#     file: ./config/apm-server/apm-server.yml
#   apm-server.keystore:
#     file: ./config/apm-server/apm-server.keystore
	---
	version: '3.6'
	services:
	# The environment variable "TAG" is used throughout this file to
	# specify the version of the images to run. The default is set in the
	# '.env' file in this folder. It can be overridden with any normal
	# technique for setting environment variables, for example:
	#
	# TAG=6.0.0-beta1 docker-compose up
	#
	# REF: https://docs.docker.com/compose/compose-file/#variable-substitution
	#
	# Also be sure to set the ELASTIC_VERSION variable. For released versions,
	# ${TAG} and ${ELASTIC_VERSION} will be identical, but for pre-release
	# versions, ${TAG} might contain an extra build identifier, like
	# "6.0.0-beta1-3eab5b40", so a full invocation might look like:
	#
	# ELASTIC_VERSION=6.0.0-beta1 TAG=6.0.0-beta1-3eab5b40 docker-compose up
	#
	elasticsearch:
	image: docker.elastic.co/elasticsearch/elasticsearch:${TAG}
	container_name: elasticsearch
	# secrets:
	# - source: ca.crt
	# target: /usr/share/elasticsearch/config/certs/ca/ca.crt
	# - source: elasticsearch.yml
	# target: /usr/share/elasticsearch/config/elasticsearch.yml
	# - source: elasticsearch.keystore
	# target: /usr/share/elasticsearch/config/elasticsearch.keystore
	# - source: elasticsearch.key
	# target: /usr/share/elasticsearch/config/certs/elasticsearch/elasticsearch.key
	# - source: elasticsearch.crt
	# target: /usr/share/elasticsearch/config/certs/elasticsearch/elasticsearch.crt
	ports: ['9200:9200']
	networks: ['stack']
	# volumes:
	# - 'es_data:/usr/share/elasticsearch/data'
	# - './scripts/setup-users.sh:/usr/local/bin/setup-users.sh:ro'
	# healthcheck:
	# test: curl --cacert /usr/share/elasticsearch/config/certs/ca/ca.crt -s https://localhost:9200 >/dev/null; if [[ $$? == 52 ]]; then echo 0; else echo 1; fi
	# interval: 30s
	# timeout: 10s
	# retries: 5

	kibana:
	image: docker.elastic.co/kibana/kibana:${TAG}
	container_name: kibana
	# secrets:
	# - source: kibana.yml
	# target: /usr/share/kibana/config/kibana.yml
	# - source: kibana.keystore
	# target: /usr/share/kibana/data/kibana.keystore
	# - source: ca.crt
	# target: /usr/share/kibana/config/certs/ca/ca.crt
	# - source: kibana.key
	# target: /usr/share/kibana/config/certs/kibana/kibana.key
	# - source: kibana.crt
	# target: /usr/share/kibana/config/certs/kibana/kibana.crt
	ports: ['5601:5601']
	networks: ['stack']
	depends_on: ['elasticsearch']
	# healthcheck:
	# test: curl --cacert /usr/share/elasticsearch/config/certs/ca/ca.crt -s https://localhost:5601 >/dev/null; if [[ $$? == 52 ]]; then echo 0; else echo 1; fi
	# interval: 30s
	# timeout: 10s
	# retries: 5

	# logstash:
	# image: docker.elastic.co/logstash/logstash:${TAG}
	# container_name: logstash
	# secrets:
	# - source: logstash.conf
	# target: /usr/share/logstash/pipeline/logstash.conf
	# - source: logstash.yml
	# target: /usr/share/logstash/config/logstash.yml
	# - source: logstash.keystore
	# target: /usr/share/logstash/config/logstash.keystore
	# - source: ca.crt
	# target: /usr/share/logstash/config/certs/ca/ca.crt
	# networks: ['stack']
	# depends_on: ['elasticsearch']
	# healthcheck:
	# test: bin/logstash -t
	# interval: 60s
	# timeout: 50s
	# retries: 5

	# auditbeat:
	# image: docker.elastic.co/beats/auditbeat:${TAG}
	# container_name: auditbeat
	# command: -e --strict.perms=false # -e flag to log to stderr and disable syslog/file output
	# cap_add: ['AUDIT_CONTROL', 'AUDIT_READ']
	# secrets:
	# - source: auditbeat.yml
	# target: /usr/share/auditbeat/auditbeat.yml
	# - source: auditbeat.keystore
	# target: /usr/share/auditbeat/auditbeat.keystore
	# - source: ca.crt
	# target: /usr/share/auditbeat/certs/ca/ca.crt
	# # Auditbeat must run in the main process namespace.
	# pid: host
	# volumes:
	# - './scripts/setup-beat.sh:/usr/local/bin/setup-beat.sh:ro'
	# networks: ['stack']
	# depends_on: ['elasticsearch', 'kibana']
	# healthcheck:
	# test: auditbeat --strict.perms=false test config
	# interval: 30s
	# timeout: 15s
	# retries: 5
	#
	# filebeat:
	# image: docker.elastic.co/beats/filebeat:${TAG}
	# container_name: filebeat
	# command: --strict.perms=false -e # -e flag to log to stderr and disable syslog/file output
	# # If the host system has logs at "/var/log", mount them at "/mnt/log"
	# # inside the container, where Filebeat can find them.
	# # volumes: ['/var/log:/mnt/log:ro']
	# secrets:
	# - source: filebeat.yml
	# target: /usr/share/filebeat/filebeat.yml
	# - source: filebeat.keystore
	# target: /usr/share/filebeat/filebeat.keystore
	# - source: ca.crt
	# target: /usr/share/filebeat/certs/ca/ca.crt
	# volumes:
	# - './scripts/setup-beat.sh:/usr/local/bin/setup-beat.sh:ro'
	# networks: ['stack']
	# depends_on: ['elasticsearch', 'kibana']
	# healthcheck:
	# test: filebeat test config
	# interval: 30s
	# timeout: 15s
	# retries: 5
	#
	# heartbeat:
	# image: docker.elastic.co/beats/heartbeat:${TAG}
	# container_name: heartbeat
	# command: --strict.perms=false -e # -e flag to log to stderr and disable syslog/file output
	# secrets:
	# - source: heartbeat.yml
	# target: /usr/share/heartbeat/heartbeat.yml
	# - source: heartbeat.keystore
	# target: /usr/share/heartbeat/heartbeat.keystore
	# - source: ca.crt
	# target: /usr/share/heartbeat/certs/ca/ca.crt
	# volumes:
	# - './scripts/setup-beat.sh:/usr/local/bin/setup-beat.sh:ro'
	# networks: ['stack']
	# depends_on: ['elasticsearch', 'kibana']
	# healthcheck:
	# test: heartbeat test config
	# interval: 30s
	# timeout: 15s
	# retries: 5
	#
	# metricbeat:
	# image: docker.elastic.co/beats/metricbeat:${TAG}
	# container_name: metricbeat
	# # The commented sections below enable Metricbeat to monitor the Docker host,
	# # rather than the Metricbeat container. It's problematic with Docker for
	# # Windows, however, since "/proc", "/sys" etc. don't exist on Windows.
	# # The same likely applies to OSX (needs testing).
	# # volumes:
	# # - /proc:/hostfs/proc:ro
	# # - /sys/fs/cgroup:/hostfs/sys/fs/cgroup:ro
	# # - /:/hostfs:ro
	# command: --strict.perms=false -e # -e flag to log to stderr and disable syslog/file output
	# secrets:
	# - source: metricbeat.yml
	# target: /usr/share/metricbeat/metricbeat.yml
	# - source: metricbeat.keystore
	# target: /usr/share/metricbeat/metricbeat.keystore
	# - source: ca.crt
	# target: /usr/share/metricbeat/certs/ca/ca.crt
	# volumes:
	# - './scripts/setup-beat.sh:/usr/local/bin/setup-beat.sh:ro'
	# networks: ['stack']
	# depends_on: ['elasticsearch', 'kibana']
	# healthcheck:
	# test: metricbeat test config
	# interval: 30s
	# timeout: 15s
	# retries: 5
	#
	# packetbeat:
	# image: docker.elastic.co/beats/packetbeat:${TAG}
	# container_name: packetbeat
	# # Packetbeat needs some elevated privileges to capture network traffic.
	# # We'll grant them with POSIX capabilities.
	# cap_add: ['NET_RAW', 'NET_ADMIN']
	# # Use "host mode" networking to allow Packetbeat to capture traffic from
	# # the real network interface on the host, rather than being isolated to the
	# # container's virtual interface.
	# network_mode: host
	# # Since we did that, Packetbeat is not part of the "stack" Docker network
	# # that the other containers are connected to, and thus can't resolve the
	# # hostname "elasticsearch". Instead, we'll tell it to find Elasticsearch
	# # on "localhost", which is the Docker host machine in this context.
	# command: -e -E 'output.elasticsearch.hosts=["localhost:9200"]'
	# depends_on: ['elasticsearch']
	# command: --strict.perms=false -e -E output.elasticsearch.hosts="https://localhost:9200" # -e flag to log to stderr and disable syslog/file output
	# secrets:
	# - source: packetbeat.yml
	# target: /usr/share/packetbeat/packetbeat.yml
	# - source: packetbeat.keystore
	# target: /usr/share/packetbeat/packetbeat.keystore
	# - source: ca.crt
	# target: /usr/share/packetbeat/certs/ca/ca.crt
	# volumes:
	# - './scripts/setup-beat.sh:/usr/local/bin/setup-beat.sh:ro'
	# depends_on: ['elasticsearch', 'kibana']
	# healthcheck:
	# test: packetbeat test config
	# interval: 30s
	# timeout: 15s
	# retries: 5

	apm-server:
	image: docker.elastic.co/apm/apm-server:${TAG}
	container_name: apm_server
	ports: ['8200:8200']
	networks: ['stack']
	command: --strict.perms=false -e # -e flag to log to stderr and disable syslog/file output
	# secrets:
	# - source: apm-server.yml
	# target: /usr/share/apm-server/apm-server.yml
	# - source: apm-server.keystore
	# target: /usr/share/apm-server/apm-server.keystore
	# - source: ca.crt
	# target: /usr/share/apm-server/certs/ca/ca.crt
	# volumes:
	# - './scripts/setup-beat.sh:/usr/local/bin/setup-beat.sh:ro'
	depends_on: ['elasticsearch', 'kibana']
	# healthcheck:
	# test: curl --cacert /usr/share/elasticsearch/config/certs/ca/ca.crt -s https://localhost:8200/healthcheck >/dev/null; if [[ $$? == 52 ]]; then echo 0; else echo 1; fi
	# interval: 30s
	# timeout: 10s
	# retries: 5

	networks: {stack: {}}
	# use docker volume to persist ES data outside of a container.
	volumes:
	es_data:

	# secrets:
	# ca.crt:
	# file: ./config/ssl/ca/ca.crt
	# logstash.yml:
	# file: ./config/logstash/logstash.yml
	# logstash.keystore:
	# file: ./config/logstash/logstash.keystore
	# logstash.conf:
	# file: ./config/logstash/pipeline/logstash.conf
	# elasticsearch.yml:
	# file: ./config/elasticsearch/elasticsearch.yml
	# elasticsearch.keystore:
	# file: ./config/elasticsearch/elasticsearch.keystore
	# elasticsearch.key:
	# file: ./config/elasticsearch/elasticsearch.key
	# elasticsearch.crt:
	# file: ./config/elasticsearch/elasticsearch.crt
	# elasticsearch.p12:
	# file: ./config/elasticsearch/elasticsearch.p12
	# kibana.yml:
	# file: ./config/kibana/kibana.yml
	# kibana.keystore:
	# file: ./config/kibana/kibana.keystore
	# kibana.key:
	# file: ./config/kibana/kibana.key
	# kibana.crt:
	# file: ./config/kibana/kibana.crt
	# auditbeat.yml:
	# file: ./config/auditbeat/auditbeat.yml
	# auditbeat.keystore:
	# file: ./config/auditbeat/auditbeat.keystore
	# filebeat.yml:
	# file: ./config/filebeat/filebeat.yml
	# filebeat.keystore:
	# file: ./config/filebeat/filebeat.keystore
	# heartbeat.yml:
	# file: ./config/heartbeat/heartbeat.yml
	# heartbeat.keystore:
	# file: ./config/heartbeat/heartbeat.keystore
	# metricbeat.yml:
	# file: ./config/metricbeat/metricbeat.yml
	# metricbeat.keystore:
	# file: ./config/metricbeat/metricbeat.keystore
	# packetbeat.yml:
	# file: ./config/packetbeat/packetbeat.yml
	# packetbeat.keystore:
	# file: ./config/packetbeat/packetbeat.keystore
	# apm-server.yml:
	# file: ./config/apm-server/apm-server.yml
	# apm-server.keystore:
	# file: ./config/apm-server/apm-server.keystore