#filebeat.config:
#  modules:
#    path: ${path.config}/modules.d/*.yml
#    reload.enabled: false

filebeat.autodiscover:
  providers:
    - type: docker
      hints.enabled: true

processors:
  - add_cloud_metadata: ~
  - add_locale:
      format: offset
  - add_docker_metadata:
      host: "unix:///var/run/docker.sock"
  - add_host_metadata: ~
  - dissect:
      tokenizer: '%{nginx.remote_addr} - %{nginx.remote_user} [%{nginx.time}] %{nginx.host} "%{nginx.request}" %{nginx.status|integer} %{nginx.http_referer} "%{nginx.http_user_agent}" %{nginx.http_x_forwarded_for} %{nginx.request_id} "%{nginx.geoip_country_name}" %{nginx.geoip_country_code} %{nginx.geoip_latitude} %{nginx.geoip_longitude}'
      target_prefix: ""
      field: "message"
      when:
        equals:
          container.name: nginxfront
  - timestamp:
      field: nginx.time
      target_field: nginx.time
      layouts:
        - '02/Jan/2006:15:04:05 -0700'
      test:
        - '27/May/2022:21:41:02 +0000'
      when:
        equals:
          container.name: nginxfront

setup:
  kibana:
    host: '${KIBANA_HOSTS:kibana:5601}'
    ssl:
      verification_mode: none
  template:
    enabled: true
    name: "filebeat-%{[agent.version]}"
    pattern: "filebeat-%{[beat.version]}-*"
    settings:
      index.number_of_shards: 1
      index.number_of_replicas: 0
    append_fields:
      - name: container.name
        type: keyword
      - name: kubernetes.container.name
        type: keyword

  dashboards:
    enabled: false
    #index: "filebeat-%{[agent.version]}-*"

output.elasticsearch:
  hosts: '[${ELASTICSEARCH_HOSTS:elasticsearch:9200}]'
  username: '${ELASTICSEARCH_USERNAME:}'
  password: '${ELASTICSEARCH_PASSWORD:}'
  ssl:
    verification_mode: none
  indices:
    - index: "filebeat-%{[agent.version]}-%{[container.name]:common}-%{+yyyy.MM.dd}"


#logging.json: true
#logging.metrics.enabled: false