module_version: "1.0"
var:
- name: paths
default:
- /var/log/cef.log
- name: tags
default: [cef, forwarded]
- name: syslog_host
default: localhost
- name: syslog_port
default: 9003
- name: input
default: syslog
- name: internal_zones
- name: external_zones
- name: timezone
ingest_pipeline:
- ingest/pipeline.yml
- ingest/fp-pipeline.yml
- ingest/cp-pipeline.yml
input: config/input.yml
requires.processors:
- name: geoip
plugin: ingest-geoip