The Httpbeat configuration file uses YAML for its syntax. The file contains config options common to all Beats. These options are described in the following sections of the {libbeat}/configuration.html[Beats Platform Reference]:
-
{libbeat}/configuration.html#configuration-shipper[Shipper]
-
{libbeat}/configuration.html#configuration-output[Output]
-
{libbeat}/configuration.html#configuration-logging[Logging (Optional)]
-
{libbeat}/configuration.html#configuration-run-options[Run Options (Optional)]
The httpbeat section specifies a list of urls that Httpbeat calls in a scheduled fashion.
Each url item begins with a dash (-) and specifies url-specific configuration options.
Here is a sample configuration:
httpbeat:
hosts:
# Each - Host endpoints to call. Below are the host endpoint specific configurations
-
# Optional cron expression, defines when to poll the host endpoint.
# Default is every 1 minute.
schedule:
# The URL endpoint to call by Httpbeat
url: http://httpbin.org/headers
# HTTP method to use.
# Possible options are:
# * get
# * delete
# * head
# * patch
# * post
# * put
method:
# Optional basic authentication
#basic_auth:
# Basic authentication username
#username:
# Basic authentication password
#password:
# Optional proxy server URL
#proxy_url: http://proxy:3128
Optional timeout in seconds. Default is 60 seconds.
#timeout
# Optional ssl configuration. By default is off.
#ssl:
# List of root certificates for HTTPS server verifications
#certificate_authorities: ["/etc/pki/root/ca.pem"]
# Certificate for TLS client authentication
#certificate: "/etc/pki/client/cert.pem"
# Client Certificate Key
#key: "/etc/pki/client/cert.key"
# This option controls whether the client verifies server certificates and host
# names. The values `none` and `full` can be used. If `verification_mode` is set
# to `none`, all server host names and certificates are accepted. In this mode,
# TLS-based connections are susceptible to man-in-the-middle attacks. Use this
# option for testing only.
#
# The default is `full`.
#verification_mode: "full"
# Configure cipher suites to be used for TLS connections
#cipher_suites: []
# Configure curve types for ECDHE based cipher suites
#curve_types: []
# List of allowed SSL/TLS versions. If SSL/TLS server decides for protocol versions
# not configured, the connection will be dropped during or after the handshake. The
# setting is a list of allowed protocol versions:
# `SSLv3`, `TLSv1` for TLS version 1.0, `TLSv1.0`, `TLSv1.1` and `TLSv1.2`.
#
# The default value is `[TLSv1.0, TLSv1.1, TLSv1.2]`.
#´versions: [TLSv1.0, TLSv1.1, TLSv1.2]
# Optional convertion of dots in keys in JSON response body. By default is off.
# Possible options are:
# * replace - replaces dots with a different character. The default value is `_`.
# * unflatten - converts {"foo.bar":false} to {"foo":{"bar":false}}
#json_dot_mode: replaceA complete example can be found in httpbeat.full.yml
Optional cron expression, defines when to poll the endpoint. Default is every 1 minute.
schedule: @every 1mHTTP method to use. Possible options are: * get * delete * head * patch * post * put
method: getOptional payload information to send to the endpoint, e.g. JSON. Will only be send if one of the following method is used: * patch * post * put
body:Optional additional headers to send to the endpoint
headers:
Accept: application/json
User-Agent: Go-http-client/1.1Optional basic authentication information
basic_auth:
username: me
password: mysecretOptional fields that you can specify to add additional information to the output. For example, you might add fields that you can use for filtering log data.
fields:
level: debug
review: 1The event type to use for published lines read by harvesters. For Elasticsearch
output, the value that you specify here is used to set the type field in the output
document. The default value is httpbeat.
document_type: httpbeatOptional output format for the response body. Possible options are: * string * json Default output format is 'string'
output_format: string