diff --git a/inventories/filebeat b/inventories/filebeat index 30a1ab8d308d19e8993247cee67de5528d70037d..2add349aa63b05076383cb8d04f9ec27a4e1f309 100644 --- a/inventories/filebeat +++ b/inventories/filebeat @@ -3,8 +3,8 @@ soctools-nifi-1 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-curre soctools-nifi-2 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log","/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text" soctools-nifi-3 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log","/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text" soctools-misp ansible_connection=docker FILEBEAT_FILES='["/var/opt/rh/rh-php72/log/php-fpm/*.log","/var/opt/rh/rh-redis32/log/redis/redis.log","/var/log/httpd/*log","/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="misp" FILEBEAT_LOG_FORMAT="text" -#soctools-odfe-1 ansible_connection=docker FILEBEAT_FILES='["/usr/share/elasticsearch/logs/soctools-cluster_server.json","/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="odfe1" FILEBEAT_LOG_FORMAT="text" -#soctools-odfe-2 ansible_connection=docker FILEBEAT_FILES='["/usr/share/elasticsearch/logs/soctools-cluster_server.json","/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="odfe2" FILEBEAT_LOG_FORMAT="text" +soctools-odfe-1 ansible_connection=docker FILEBEAT_FILES='["/usr/share/elasticsearch/logs/soctools-cluster_server.json"]' FILEBEAT_LOG_TYPE="elasticsearch" FILEBEAT_LOG_FORMAT="json" +soctools-odfe-2 ansible_connection=docker FILEBEAT_FILES='["/usr/share/elasticsearch/logs/soctools-cluster_server.json"]' FILEBEAT_LOG_TYPE="elasticsearch" FILEBEAT_LOG_FORMAT="json" soctools-kibana ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/kibana_stdout.log"]' FILEBEAT_LOG_TYPE="kibana" FILEBEAT_LOG_FORMAT="json" soctools-keycloak ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="keycloak" FILEBEAT_LOG_FORMAT="json" soctools-mysql ansible_connection=docker FILEBEAT_FILES='["/var/opt/rh/rh-mariadb103/log/mariadb/mariadb.log","/var/opt/rh/rh-mariadb103/lib/mysql/server_audit.log"]' FILEBEAT_LOG_TYPE="mysql" FILEBEAT_LOG_FORMAT="text" diff --git a/roles/filebeat/templates/filebeat.yml.j2 b/roles/filebeat/templates/filebeat.yml.j2 index 6fb7351a22fcf3928116a0f6ee998f938b633031..78af99c2330bbe35e9500bb98c231c6d6be2bde8 100644 --- a/roles/filebeat/templates/filebeat.yml.j2 +++ b/roles/filebeat/templates/filebeat.yml.j2 @@ -9,6 +9,10 @@ filebeat.inputs: json.keys_under_root: true json.overwrite_keys: true json.add_error_key: true + json.message_key: log + multiline.pattern: '^{' + multiline.negate: true + multiline.match: after {% endif %} {% else %} - type: syslog diff --git a/roles/nifi/templates/flow.xml.j2 b/roles/nifi/templates/flow.xml.j2 index 05955862ecaf4490858a076be6d86ba3575832d7..772e2770a63ea5222145d4adcd53a97ffb3b3005 100644 --- a/roles/nifi/templates/flow.xml.j2 +++ b/roles/nifi/templates/flow.xml.j2 @@ -4226,16 +4226,16 @@ <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <outputPort> - <id>27d5761b-0172-1000-0000-000059275dad</id> - <name>To enrichment</name> - <position x="-312.0" y="328.0" /> + <id>27d5dab2-0172-1000-ffff-ffffab5c50be</id> + <name>To data output</name> + <position x="-632.0" y="328.0" /> <comments /> <scheduledState>STOPPED</scheduledState> </outputPort> <outputPort> - <id>27d5dab2-0172-1000-ffff-ffffab5c50be</id> - <name>To data output</name> - <position x="-632.0" y="328.0" /> + <id>27d5761b-0172-1000-0000-000059275dad</id> + <name>To enrichment</name> + <position x="-312.0" y="328.0" /> <comments /> <scheduledState>STOPPED</scheduledState> </outputPort> @@ -4281,6 +4281,10 @@ <name>kibana</name> <value>${log_type:equals("kibana")}</value> </property> + <property> + <name>elasticsearch</name> + <value>${log_type:equals("elasticsearch")}</value> + </property> <property> <name>suricata</name> <value>${log_type:equals("suricata")}</value> @@ -6114,14 +6118,14 @@ <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> - <funnel> - <id>8d399854-0175-1000-ffff-ffff8272837e</id> - <position x="1736.0" y="528.0" /> - </funnel> <funnel> <id>8d3298f0-0175-1000-ffff-ffffc9f211a7</id> <position x="56.0" y="280.0" /> </funnel> + <funnel> + <id>8d399854-0175-1000-ffff-ffff8272837e</id> + <position x="1736.0" y="528.0" /> + </funnel> <connection> <id>8d3979b7-0175-1000-ffff-ffffe2efe898</id> <name /> @@ -6938,14 +6942,14 @@ <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> - <funnel> - <id>7113dbce-0176-1000-ffff-ffffbbfa695f</id> - <position x="-673.331668377643" y="376.49854987272295" /> - </funnel> <funnel> <id>f1b33d4c-1b10-18ad-ab4a-4a3a1e744f4b</id> <position x="1112.0" y="376.0" /> </funnel> + <funnel> + <id>7113dbce-0176-1000-ffff-ffffbbfa695f</id> + <position x="-673.331668377643" y="376.49854987272295" /> + </funnel> <connection> <id>631e37d8-ca81-1bfa-8f55-aac2a22873ad</id> <name /> @@ -7406,14 +7410,14 @@ <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> - <funnel> - <id>312d3490-461e-13ac-a3a2-603704c456e2</id> - <position x="8.0" y="424.0" /> - </funnel> <funnel> <id>bb763b6c-302d-12a4-8eb2-b3b501d92244</id> <position x="1882.9999517774115" y="327.9999931568573" /> </funnel> + <funnel> + <id>312d3490-461e-13ac-a3a2-603704c456e2</id> + <position x="8.0" y="424.0" /> + </funnel> <connection> <id>960f3ac9-95dc-103d-a70a-ca3b070851a4</id> <name /> @@ -7575,6 +7579,385 @@ <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> </processGroup> + <processGroup> + <id>7263390f-914c-1f6e-9451-75f908ed8816</id> + <name>Copy of Keycloak</name> + <position x="-1904.0" y="488.0" /> + <comment /> + <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> + <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> + <processor> + <id>1224352d-d1d1-10e8-b669-faf8022a7a5b</id> + <name>Extract message</name> + <position x="344.0" y="480.0" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.ConvertRecord</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.12.1</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>record-reader</name> + <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> + </property> + <property> + <name>record-writer</name> + <value>bc8e5957-0175-1000-0000-00003346421d</value> + </property> + <property> + <name>include-zero-record-flowfiles</name> + <value>true</value> + </property> + <autoTerminatedRelationship>failure</autoTerminatedRelationship> + </processor> + <processor> + <id>295133bd-42e6-1b08-80c5-bea2e19921fc</id> + <name>UpdateAttribute</name> + <position x="344.0" y="816.0" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-update-attribute-nar</artifact> + <version>1.12.1</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Delete Attributes Expression</name> + </property> + <property> + <name>Store State</name> + <value>Do not store state</value> + </property> + <property> + <name>Stateful Variables Initial Value</name> + </property> + <property> + <name>canonical-value-lookup-cache-size</name> + <value>100</value> + </property> + <property> + <name>data_index</name> + <value>logs-elasticsearch</value> + </property> + </processor> + <processor> + <id>c2133480-cab5-13e3-a30c-44afba300fe9</id> + <name>Append ]</name> + <position x="1000.0" y="656.0" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.ReplaceText</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.12.1</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Regular Expression</name> + <value>(?s)(^.*),$</value> + </property> + <property> + <name>Replacement Value</name> + <value>$1]</value> + </property> + <property> + <name>Character Set</name> + <value>UTF-8</value> + </property> + <property> + <name>Maximum Buffer Size</name> + <value>1 MB</value> + </property> + <property> + <name>Replacement Strategy</name> + <value>Regex Replace</value> + </property> + <property> + <name>Evaluation Mode</name> + <value>Entire text</value> + </property> + <property> + <name>Line-by-Line Evaluation Mode</name> + <value>All</value> + </property> + <autoTerminatedRelationship>failure</autoTerminatedRelationship> + </processor> + <processor> + <id>7570be71-0176-1000-0000-000062deefd2</id> + <name>Prepend [</name> + <position x="344.0" y="648.0" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.ReplaceText</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.12.1</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Regular Expression</name> + <value>(?s)(^.*$)</value> + </property> + <property> + <name>Replacement Value</name> + <value>[</value> + </property> + <property> + <name>Character Set</name> + <value>UTF-8</value> + </property> + <property> + <name>Maximum Buffer Size</name> + <value>1 MB</value> + </property> + <property> + <name>Replacement Strategy</name> + <value>Prepend</value> + </property> + <property> + <name>Evaluation Mode</name> + <value>Entire text</value> + </property> + <property> + <name>Line-by-Line Evaluation Mode</name> + <value>All</value> + </property> + <autoTerminatedRelationship>failure</autoTerminatedRelationship> + </processor> + <processor> + <id>75699f60-0176-1000-0000-000064aed2e3</id> + <name>Add , between log lines</name> + <position x="992.0" y="480.0" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.ReplaceText</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.12.1</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Regular Expression</name> + <value>(?s)(^.*}$)</value> + </property> + <property> + <name>Replacement Value</name> + <value>$1,</value> + </property> + <property> + <name>Character Set</name> + <value>UTF-8</value> + </property> + <property> + <name>Maximum Buffer Size</name> + <value>1 MB</value> + </property> + <property> + <name>Replacement Strategy</name> + <value>Regex Replace</value> + </property> + <property> + <name>Evaluation Mode</name> + <value>Line-by-Line</value> + </property> + <property> + <name>Line-by-Line Evaluation Mode</name> + <value>All</value> + </property> + <autoTerminatedRelationship>failure</autoTerminatedRelationship> + </processor> + <inputPort> + <id>39ce3238-1ebd-1c2c-b724-01d18f147b6f</id> + <name>Input</name> + <position x="408.0" y="320.0" /> + <comments /> + <scheduledState>RUNNING</scheduledState> + </inputPort> + <outputPort> + <id>bbc63756-9681-13b9-8c07-20c82f62ceca</id> + <name>Output</name> + <position x="376.0" y="1048.0" /> + <comments /> + <scheduledState>RUNNING</scheduledState> + </outputPort> + <funnel> + <id>756f7444-0176-1000-0000-00007e35cecc</id> + <position x="1648.466280349272" y="602.7973494129587" /> + </funnel> + <connection> + <id>7569c58e-0176-1000-ffff-ffff917ad2c3</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>1224352d-d1d1-10e8-b669-faf8022a7a5b</sourceId> + <sourceGroupId>7263390f-914c-1f6e-9451-75f908ed8816</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>75699f60-0176-1000-0000-000064aed2e3</destinationId> + <destinationGroupId>7263390f-914c-1f6e-9451-75f908ed8816</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>7572fc65-0176-1000-0000-000049bf5d64</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>c2133480-cab5-13e3-a30c-44afba300fe9</sourceId> + <sourceGroupId>7263390f-914c-1f6e-9451-75f908ed8816</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>295133bd-42e6-1b08-80c5-bea2e19921fc</destinationId> + <destinationGroupId>7263390f-914c-1f6e-9451-75f908ed8816</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>15e0341e-6dd3-172a-b2b5-8f1d5740fea1</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>39ce3238-1ebd-1c2c-b724-01d18f147b6f</sourceId> + <sourceGroupId>7263390f-914c-1f6e-9451-75f908ed8816</sourceGroupId> + <sourceType>INPUT_PORT</sourceType> + <destinationId>1224352d-d1d1-10e8-b669-faf8022a7a5b</destinationId> + <destinationGroupId>7263390f-914c-1f6e-9451-75f908ed8816</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship /> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>756f21d7-0176-1000-0000-00005f72243e</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>75699f60-0176-1000-0000-000064aed2e3</sourceId> + <sourceGroupId>7263390f-914c-1f6e-9451-75f908ed8816</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>7570be71-0176-1000-0000-000062deefd2</destinationId> + <destinationGroupId>7263390f-914c-1f6e-9451-75f908ed8816</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>af99379e-bf26-19c5-bd70-bd6d405fb0b7</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>295133bd-42e6-1b08-80c5-bea2e19921fc</sourceId> + <sourceGroupId>7263390f-914c-1f6e-9451-75f908ed8816</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>bbc63756-9681-13b9-8c07-20c82f62ceca</destinationId> + <destinationGroupId>7263390f-914c-1f6e-9451-75f908ed8816</destinationGroupId> + <destinationType>OUTPUT_PORT</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>7572deb6-0176-1000-ffff-ffffadef21f8</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>7570be71-0176-1000-0000-000062deefd2</sourceId> + <sourceGroupId>7263390f-914c-1f6e-9451-75f908ed8816</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>c2133480-cab5-13e3-a30c-44afba300fe9</destinationId> + <destinationGroupId>7263390f-914c-1f6e-9451-75f908ed8816</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + </processGroup> <processGroup> <id>f88732b0-d93f-1f6e-ba01-40b41ea20fe3</id> <name>Keycloak</name> @@ -7975,14 +8358,14 @@ <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> - <funnel> - <id>c8c0a13d-0170-1000-ffff-ffff874141fa</id> - <position x="248.5321508445502" y="703.4412774751572" /> - </funnel> <funnel> <id>06521038-335b-3139-839d-ab43a013ce03</id> <position x="-1557.869726298236" y="758.8984861527665" /> </funnel> + <funnel> + <id>c8c0a13d-0170-1000-ffff-ffff874141fa</id> + <position x="248.5321508445502" y="703.4412774751572" /> + </funnel> <connection> <id>3c739604-b69c-3e86-ba4c-a4739078837c</id> <name /> @@ -8648,6 +9031,26 @@ <partitioningAttribute /> <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> + <connection> + <id>7558e6dd-0176-1000-ffff-ffffec9061a8</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>8962ad5a-0175-1000-ffff-ffffde6db5a6</sourceId> + <sourceGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>39ce3238-1ebd-1c2c-b724-01d18f147b6f</destinationId> + <destinationGroupId>7263390f-914c-1f6e-9451-75f908ed8816</destinationGroupId> + <destinationType>INPUT_PORT</destinationType> + <relationship>elasticsearch</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> <connection> <id>fbbe3ee1-5336-11c9-ffff-ffffa7c97811</id> <name /> @@ -8920,6 +9323,26 @@ <partitioningAttribute /> <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> + <connection> + <id>7575486d-0176-1000-0000-00002542d6de</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>bbc63756-9681-13b9-8c07-20c82f62ceca</sourceId> + <sourceGroupId>7263390f-914c-1f6e-9451-75f908ed8816</sourceGroupId> + <sourceType>OUTPUT_PORT</sourceType> + <destinationId>bcb879d5-0175-1000-0000-000070879ad0</destinationId> + <destinationGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</destinationGroupId> + <destinationType>OUTPUT_PORT</destinationType> + <relationship /> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> </processGroup> <processGroup> <id>b3d57504-7c06-37a3-b59b-8723f60fa728</id> @@ -9433,7 +9856,7 @@ </property> <property> <name>Password</name> - <value>enc{6a99599249debd0a65f95bddacbc6ca15fb19f869a4aabb9c432a18972b610121732f7f9643e9da95586b0a26f7268e0}</value> + <value>enc{712194e912fcd1c53d1e0ec7aca9dee896e1b6ee2b9c9cbdf90c8de6958862d9b2be6f0cbf23337863c95a23c289bae8}</value> </property> <property> <name>elasticsearch-http-connect-timeout</name> @@ -12549,7 +12972,7 @@ </property> <property> <name>Truststore Password</name> - <value>enc{d5f6f4e080eb19023e6034e50bb1beae8afe26c787f0dfd3e032857ec79dd535}</value> + <value>enc{c8226c8abe9522ac00a615ac3fb99470788ecf97d81785894b496a638f5072e4}</value> </property> <property> <name>Truststore Type</name>