Elasticsearch module

Elasticsearch module pushes a variety of message-related metadata to an instance of Elasticsearch. This module provides exporter, template creation logic and a simple kibana dashboard.

This plugin is based on the plugin created by Veselin Iordanov and adopted for the Elasticsearch 6.x

Requirements

Configuration

Configuration is fairly simple:

# local.d/elastic.conf
# Push update when 10 records are collected (10 if unset)
limit = 10;
# IP:port of Elasticsearch server
server = "localhost:9200";
# Timeout to wait for response (5 seconds if unset)
timeout = 5;
# Elasticsearch template file (json format)
#template_file = "${PLUGINSDIR}/elastic/rspamd_template.json";
# Kibana prebuild visualizations and dashboard template (json format)
#kibana_file = "${PLUGINSDIR}/elastic/kibana.json";
# Elasticsearch index name pattern
index_pattern = "rspamd-%Y.%m.%d";
# Import kibana template
import_kibana = false;
# Use https if needed
use_https = false;