###################### Filebeat Configuration Example ######################### 
filebeat.inputs:

# =========================== system =============================
- type: log
  enabled: true
  paths:
    - /var/log/secure
  exclude_lines: ['.*session.*']
  fields:
    log_topic: elk_other
    type: "system-secure"

- type: log
  enabled: true
  paths:
    - /var/log/messages
  exclude_lines: ['.*Session.*']
  fields:
    log_topic: elk_other
    type: "system-messages"

# ============================= Filebeat modules ===============================

filebeat.config.modules:
  # Glob pattern for configuration loading
  path: ${path.config}/modules.d/*.yml

  # Set to true to enable config reloading
  reload.enabled: false

  # Period on which files under path should be checked for changes
  #reload.period: 10s

#==================== Elasticsearch template setting ==========================

setup.template.settings:
  index.number_of_shards: 1
  #index.codec: best_compression
  #_source.enabled: false

#============================== Kibana =====================================
setup.kibana:

output.kafka:

  enabled: true
  hosts: ["elk:9092","elk2:9092","elk3:9092"]

  topic: '%{[fields.log_topic]}'
  partition.round_robin:
    reachable_only: false

  required_acks: 1
  compression: gzip
  max_message_bytes: 100000000000

#================================ Processors =====================================

processors:
  - add_host_metadata: ~
  - add_cloud_metadata: ~

#================================ Logging =====================================