{ "name": "squid", "title": "Squid Proxy", "version": "1.5.1", "release": "ga", "description": "Collect and parse logs from Squid devices with Elastic Agent.", "type": "integration", "download": "/epr/squid/squid-1.5.1.zip", "path": "/package/squid/1.5.1", "icons": [ { "src": "/img/squid-logo.png", "path": "/package/squid/1.5.1/img/squid-logo.png", "title": "Squid Logo", "size": "160x160", "type": "image/svg+xml" } ], "conditions": { "kibana": { "version": "^8.14.1 || ^9.0.0" }, "elastic": { "subscription": "basic" } }, "owner": { "type": "elastic", "github": "elastic/integration-experience" }, "categories": [ "observability", "network", "security", "proxy_security", "web" ], "signature_path": "/epr/squid/squid-1.5.1.zip.sig", "format_version": "3.2.1", "readme": "/package/squid/1.5.1/docs/README.md", "license": "basic", "screenshots": [ { "src": "/img/dashboard-1.png", "path": "/package/squid/1.5.1/img/dashboard-1.png", "title": "Dashboard", "size": "2432x2368", "type": "image/png" }, { "src": "/img/dashboard-2.png", "path": "/package/squid/1.5.1/img/dashboard-2.png", "title": "Dashboard", "size": "2432x2072", "type": "image/png" }, { "src": "/img/dashboard-3.png", "path": "/package/squid/1.5.1/img/dashboard-3.png", "title": "Dashboard", "size": "2432x1628", "type": "image/png" } ], "assets": [ "/package/squid/1.5.1/LICENSE.txt", "/package/squid/1.5.1/changelog.yml", "/package/squid/1.5.1/manifest.yml", "/package/squid/1.5.1/validation.yml", "/package/squid/1.5.1/docs/README.md", "/package/squid/1.5.1/img/dashboard-1.png", "/package/squid/1.5.1/img/dashboard-2.png", "/package/squid/1.5.1/img/dashboard-3.png", "/package/squid/1.5.1/img/squid-logo.png", "/package/squid/1.5.1/kibana/tags.yml", "/package/squid/1.5.1/data_stream/log/manifest.yml", "/package/squid/1.5.1/data_stream/log/sample_event.json", "/package/squid/1.5.1/docs/knowledge_base/service_info.md", "/package/squid/1.5.1/kibana/dashboard/squid-478e10c4-c49a-4f57-bc83-8ed89b47f1a5.json", "/package/squid/1.5.1/data_stream/log/fields/base-fields.yml", "/package/squid/1.5.1/data_stream/log/fields/fields.yml", "/package/squid/1.5.1/data_stream/log/agent/stream/filestream.yml.hbs", "/package/squid/1.5.1/data_stream/log/agent/stream/tcp.yml.hbs", "/package/squid/1.5.1/data_stream/log/agent/stream/udp.yml.hbs", "/package/squid/1.5.1/data_stream/log/elasticsearch/ingest_pipeline/default.yml" ], "policy_templates": [ { "name": "log", "title": "Squid", "description": "Collect Squid logs from syslog or a file.", "inputs": [ { "type": "udp", "title": "Collect logs from Squid via UDP", "description": "Collecting syslog from Squid via UDP" }, { "type": "tcp", "title": "Collect logs from Squid via TCP", "description": "Collecting syslog from Squid via TCP" }, { "type": "filestream", "title": "Collect logs from Squid via filestream", "description": "Collecting syslog from Squid via filestream" } ], "multiple": true } ], "data_streams": [ { "type": "logs", "dataset": "squid.log", "title": "Squid logs", "release": "ga", "ingest_pipeline": "default", "streams": [ { "input": "udp", "vars": [ { "name": "tags", "type": "text", "title": "Tags", "multi": true, "required": true, "show_user": false, "default": [ "squid-log", "forwarded" ] }, { "name": "udp_host", "type": "text", "title": "UDP host to listen on", "multi": false, "required": true, "show_user": true, "default": "localhost" }, { "name": "udp_port", "type": "integer", "title": "UDP port to listen on", "multi": false, "required": true, "show_user": true, "default": 9537 }, { "name": "preserve_original_event", "type": "bool", "title": "Preserve original event", "description": "Preserves a raw copy of the original event, added to the field `event.original`", "multi": false, "required": true, "show_user": true, "default": false }, { "name": "udp_options", "type": "yaml", "title": "Custom UDP Options", "description": "Specify custom configuration options for the UDP input. See [UDP input](https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-input-udp.html) for details.", "multi": false, "required": false, "show_user": false, "default": "#read_buffer: 100MiB\n#max_message_size: 50KiB\n#timeout: 300s\n" }, { "name": "processors", "type": "yaml", "title": "Processors", "description": "Processors are used to reduce the number of fields in the exported event or to enhance the event with metadata. This executes in the agent before the logs are parsed. See [Processors](https://www.elastic.co/guide/en/beats/filebeat/current/filtering-and-enhancing-data.html) for details.\n", "multi": false, "required": false, "show_user": false } ], "template_path": "udp.yml.hbs", "title": "Squid logs", "description": "Collect Squid logs using the UDP input", "enabled": true, "ingestion_method": "Network Protocol" }, { "input": "tcp", "vars": [ { "name": "tags", "type": "text", "title": "Tags", "multi": true, "required": true, "show_user": false, "default": [ "squid-log", "forwarded" ] }, { "name": "tcp_host", "type": "text", "title": "TCP host to listen on", "multi": false, "required": true, "show_user": true, "default": "localhost" }, { "name": "tcp_port", "type": "integer", "title": "TCP port to listen on", "multi": false, "required": true, "show_user": true, "default": 9537 }, { "name": "preserve_original_event", "type": "bool", "title": "Preserve original event", "description": "Preserves a raw copy of the original event, added to the field `event.original`", "multi": false, "required": true, "show_user": true, "default": false }, { "name": "processors", "type": "yaml", "title": "Processors", "description": "Processors are used to reduce the number of fields in the exported event or to enhance the event with metadata. This executes in the agent before the logs are parsed. See [Processors](https://www.elastic.co/guide/en/beats/filebeat/current/filtering-and-enhancing-data.html) for details.\n", "multi": false, "required": false, "show_user": false }, { "name": "ssl", "type": "yaml", "title": "SSL Configuration", "description": "SSL configuration options. See [documentation](https://www.elastic.co/guide/en/beats/filebeat/current/configuration-ssl.html#ssl-common-config) for details.", "multi": false, "required": false, "show_user": false, "default": "#certificate: \"/etc/server/cert.pem\"\n#key: \"/etc/server/key.pem\"" }, { "name": "tcp_options", "type": "yaml", "title": "Custom TCP Options", "description": "Specify custom configuration options for the TCP input. See [TCP input](https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-input-tcp.html) for details.", "multi": false, "required": false, "show_user": false, "default": "# max_message_size: 50KiB" } ], "template_path": "tcp.yml.hbs", "title": "Squid logs", "description": "Collect Squid logs using the TCP input", "enabled": true, "ingestion_method": "Network Protocol" }, { "input": "filestream", "vars": [ { "name": "paths", "type": "text", "title": "Paths", "multi": true, "required": true, "show_user": true, "default": [ "/var/log/squid-log.log" ] }, { "name": "tags", "type": "text", "title": "Tags", "multi": true, "required": true, "show_user": false, "default": [ "squid-log", "forwarded" ] }, { "name": "preserve_original_event", "type": "bool", "title": "Preserve original event", "description": "Preserves a raw copy of the original event, added to the field `event.original`", "multi": false, "required": true, "show_user": true, "default": false }, { "name": "processors", "type": "yaml", "title": "Processors", "description": "Processors are used to reduce the number of fields in the exported event or to enhance the event with metadata. This executes in the agent before the logs are parsed. See [Processors](https://www.elastic.co/guide/en/beats/filebeat/current/filtering-and-enhancing-data.html) for details.", "multi": false, "required": false, "show_user": false } ], "template_path": "filestream.yml.hbs", "title": "Squid logs (filestream)", "description": "Collect Squid logs using the filestream input", "enabled": false, "ingestion_method": "File" } ], "package": "squid", "path": "log" } ] }