Ansible - Azure logs to Elasticsearch filebeat conf

1. # Module: azure
2. # Docs: https://www.elastic.co/guide/en/beats/filebeat/7.10/filebeat-module-azure.html
3.  
4. - module: azure
5.   # All logs
6.   activitylogs:
7.     enabled: false
8.     var:
9.      # eventhub name containing the activity logs, overwrite he default value if the logs are exported in a different eventhub
10.       eventhub: "EVENT_HUB_NAME"
11.       # consumer group name that has access to the event hub, we advise creating a dedicated consumer group for the azure module
12.       consumer_group: "$Default"
13.       # the connection string required to communicate with Event Hubs, steps to generate one here https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-get-connection-string
14.       connection_string: ""
15.       # the name of the storage account the state/offsets will be stored and updated
16.       storage_account: ""
17.       # the storage account key, this key will be used to authorize access to data in your storage account
18.       storage_account_key: ""
19.  
20.   auditlogs:
21.     enabled: true
22.     var:
23.       eventhub: "audit_logs"
24.       consumer_group: "$Default"
25.       connection_string: "Endpoint=sb://eventhubteleconsecurity.servicebus.windows.net/;SharedAccessKeyName=FilebeatKey;SharedAccessKey=--ACCESS_KEY_GENERATED_IN_AZURE--=;EntityPath=insights-logs-auditlogs"
26.       storage_account: "--STORAGE_NAME--"
27.       storage_account_key: "--STORAGE_KEY_GENERATED_IN_AZURE--"
28.   signinlogs:
29.     enabled: true
30.     var:
31.       eventhub: "signin_logs"
32.       consumer_group: "$Default"
33.       connection_string: "Endpoint=sb://eventhubteleconsecurity.servicebus.windows.net/;SharedAccessKeyName=FilebeatKey;SharedAccessKey=--ACCESS_KEY_GENERATED_IN_AZURE--=;EntityPath=insights-logs-signinlogs"
34.       storage_account: "--STORAGE_NAME--"
35.       storage_account_key: "--STORAGE_KEY_GENERATED_IN_AZURE--"
36.