Cambios journalbeat

script/script.sh

@@ -36,6 +36,49 @@ bash ./mkcerts.sh
 cp CA/certs/ca.crt.pem /etc/ssl/certs/
 ln -s /etc/ssl/certs/ca.crt.pem /etc/ssl/certs/"$(openssl x509 -in /etc/ssl/certs/ca.crt.pem -hash -noout).0"
 
+# Configurar Journalbeat
+
+# Verificar si la URL es accesible
+curl -I --connect-timeout 10 --max-time 30 "https://artifacts.elastic.co/downloads/beats/journalbeat/journalbeat-oss-7.12.1-amd64.deb" -o /dev/null -s
+if [[ $? -ne 0 ]]; then
+  echo "ERROR: No se puede resolver la URL. Verifica tu conexión a Internet o la disponibilidad del servidor."
+  exit 1  # Detener el script
+fi
+
+echo "La URL es accesible. Continuando..."
+
+curl --connect-timeout 10 --max-time 60 -L -o /tmp/journalbeat-oss-7.12.1-amd64.deb https://artifacts.elastic.co/downloads/beats/journalbeat/journalbeat-oss-7.12.1-amd64.deb
+dpkg -i /tmp/journalbeat-oss-7.12.1-amd64.deb
+cp CA/certs/oglog-jb.mytld.crt.pem          /etc/journalbeat/
+cp CA/private/oglog-jb.mytld.key.nopass.pem /etc/journalbeat/oglog-jb.mytld.key.pem
+cat >/etc/journalbeat/journalbeat.yml <<EOF
+journalbeat.inputs:
+- paths:
+  - "/var/log/journal"
+  - "/var/log/journal/remote"
+  seek: cursor
+
+setup.template.settings:
+  index.number_of_shards: 1
+
+output.elasticsearch:
+  hosts: ["oglog-os.mytld:9200"]
+  username: "admin"
+  password: "$OPENSEARCH_INITIAL_ADMIN_PASSWORD"
+  protocol: "https"
+  ssl.enabled: true
+  ssl.verification_mode: full
+  ssl.certificate: "/etc/journalbeat/oglog-jb.mytld.crt.pem"
+  ssl.key: "/etc/journalbeat/oglog-jb.mytld.key.pem"
+
+processors:
+  - add_docker_metadata: ~
+
+seccomp.enabled: false
+EOF
+
+systemctl enable --now journalbeat
+
 # Configurar repositorios y llaves para OpenSearch
 curl -o- https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --dearmor --batch --yes -o /usr/share/keyrings/opensearch-keyring
 echo "deb [signed-by=/usr/share/keyrings/opensearch-keyring] https://artifacts.opensearch.org/releases/bundle/opensearch/2.x/apt stable main" > /etc/apt/sources.list.d/opensearch-2.x.list
@@ -120,49 +163,6 @@ EOF
 sed -i -e '/^ARGS/s%"$%--web.config.file=/etc/prometheus/web-config.yml"%' /etc/default/prometheus
 systemctl restart prometheus
 
-# Configurar Journalbeat
-
-# Verificar si la URL es accesible
-curl -I --connect-timeout 10 --max-time 30 "https://artifacts.elastic.co/downloads/beats/journalbeat/journalbeat-oss-7.12.1-amd64.deb" -o /dev/null -s
-if [[ $? -ne 0 ]]; then
-  echo "ERROR: No se puede resolver la URL. Verifica tu conexión a Internet o la disponibilidad del servidor."
-  exit 1  # Detener el script
-fi
-
-echo "La URL es accesible. Continuando..."
-
-curl --connect-timeout 10 --max-time 60 -L -o /tmp/journalbeat-oss-7.12.1-amd64.deb https://artifacts.elastic.co/downloads/beats/journalbeat/journalbeat-oss-7.12.1-amd64.deb
-dpkg -i /tmp/journalbeat-oss-7.12.1-amd64.deb
-cp CA/certs/oglog-jb.mytld.crt.pem          /etc/journalbeat/
-cp CA/private/oglog-jb.mytld.key.nopass.pem /etc/journalbeat/oglog-jb.mytld.key.pem
-cat >/etc/journalbeat/journalbeat.yml <<EOF
-journalbeat.inputs:
-- paths:
-  - "/var/log/journal"
-  - "/var/log/journal/remote"
-  seek: cursor
-
-setup.template.settings:
-  index.number_of_shards: 1
-
-output.elasticsearch:
-  hosts: ["oglog-os.mytld:9200"]
-  username: "admin"
-  password: "$OPENSEARCH_INITIAL_ADMIN_PASSWORD"
-  protocol: "https"
-  ssl.enabled: true
-  ssl.verification_mode: full
-  ssl.certificate: "/etc/journalbeat/oglog-jb.mytld.crt.pem"
-  ssl.key: "/etc/journalbeat/oglog-jb.mytld.key.pem"
-
-processors:
-  - add_docker_metadata: ~
-
-seccomp.enabled: false
-EOF
-
-systemctl enable --now journalbeat
-
 # Configurar Grafana
 # Prueba de conexión a la URL de la clave GPG
 echo "Verificando conectividad con https://apt.grafana.com/gpg.key..."