From 1cd803098d9e3df8f7f7f5da31e51366d855e792 Mon Sep 17 00:00:00 2001
From: Michel Oosterhof <michel@oosterhof.net>
Date: Wed, 4 Feb 2015 06:50:17 +0000
Subject: [PATCH] open tcp port for old log file processing

---
 utils/elk/logstash-kippo.conf | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/utils/elk/logstash-kippo.conf b/utils/elk/logstash-kippo.conf
index 7b67ade..a1d4388 100644
--- a/utils/elk/logstash-kippo.conf
+++ b/utils/elk/logstash-kippo.conf
@@ -1,11 +1,15 @@
-
 input {
+       # this is the actual live log file to monitor
        file {
-              path => ["/home/michel/src/kippo-git/log/kippo.json", "/home/kippo/kippo-git/log/kippo.json"]
-#              path => ["/home/michel/src/kippo-git/log/kippo.json"]
+              path => ["/home/kippo/kippo-git/log/kippo.json"]
               codec => json
               type => "kippo"
        }
+       # this is to send old logs to for reprocessing
+       tcp {
+              port => 3333
+              type => "kippo"
+       }
 }
 
 filter {
@@ -16,7 +20,6 @@ filter {
             locale => "en"
         }
 
-
         if [src_ip]  {
 
             dns {