Skip to content

Commit

Permalink
feat(quickwit_output): add quickwit config documentation
Browse files Browse the repository at this point in the history
Signed-off-by: Idriss Neumann <idriss.neumann@comwork.io>
  • Loading branch information
idrissneumann committed Jan 2, 2024
1 parent 309b1d1 commit 9b1d688
Show file tree
Hide file tree
Showing 2 changed files with 43 additions and 0 deletions.
1 change: 1 addition & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,7 @@ Follow the links to get the configuration of each output.
- [**Zincsearch**](https://github.com/falcosecurity/falcosidekick/blob/master/docs/outputs//zincsearch.md)
- [**OpenObserve**](https://github.com/falcosecurity/falcosidekick/blob/master/docs/outputs/openobserve.md)
- [**SumoLogic**](https://github.com/falcosecurity/falcosidekick/blob/master/docs/outputs/sumologic.md)
- [**Quickwit**](https://github.com/falcosecurity/falcosidekick/blob/master/docs/outputs/quickwit.md)

### Object Storage

Expand Down
42 changes: 42 additions & 0 deletions docs/outputs/quickwit.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
# Quickwit

- **Category**: Logs
- **Website**: https://quickwit.io/

## Table of content

- [Quickwit](#quickwit)
- [Table of content](#table-of-content)
- [Configuration](#configuration)
- [Example of config.yaml](#example-of-configyaml)

## Configuration

| Setting | Env var | Default value | Description |
| ------------------------------- | ------------------------------- | ---------------- | ----------------------------------------------------------------------------------------------------------------------------------- |
| `quickwit.hosport` | `QUICKWIT_HOSTPORT` | | http://{domain or ip}:{port}, if not empty, Quickwit output is **enabled** |
| `quickwit.apiendpoint` | `QUICKWIT_APIENDPOINT` | `/api/v1` | API endpoint (containing the API version, overideable in case of quickwit behind a reverse proxy with URL rewriting) |
| `quickwit.index` | `QUICKWIT_INDEX` | `falco` | Index |
| `quickwit.version` | `QUICKWIT_VERSION` | `0.6` | Version of quickwit |
| `quickwit.customheaders` | `QUICKWIT_CUSTOMHEADERS` | | Custom headers to add in POST, useful for Authentication |
| `quickwit.mutualtls` | `QUICKWIT_MUTUALTLS` | `false` | Authenticate to the output with TLS, if true, checkcert flag will be ignored (server cert will always be checked) |
| `quickwit.checkcert` | `QUICKWIT_CHECKCERT` | `true` | Check if ssl certificate of the output is valid |
| `quickwit.minimumpriority` | `QUICK_MINIMUMPRIORITY` | `""` (= `debug`) | Minimum priority of event for using this output, order is `emergency,alert,critical,error,warning,notice,informational,debug or ""` |

> **Note**
The Env var values override the settings from yaml file.

## Example of config.yaml

```yaml
quickwit:
# hostport: ""
# apiendpoint: "/api/v1"
# index: "falco"
# version: "0.6"
# customHeaders:
# key: value
# mutualtls: false
# checkcert: true
# minimumpriority: ""
```

0 comments on commit 9b1d688

Please sign in to comment.