From 05accf301748907e0deda580fba7d512dab392ed Mon Sep 17 00:00:00 2001
From: Wes Lambert
Date: Fri, 30 Nov 2018 13:17:53 +0000
Subject: [PATCH] Logstash - Output config update for IDS type
---
 salt/logstash/files/dynamic/9033_output_snort.conf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/salt/logstash/files/dynamic/9033_output_snort.conf b/salt/logstash/files/dynamic/9033_output_snort.conf
index a953a2db2..6c310b91e 100644
--- a/salt/logstash/files/dynamic/9033_output_snort.conf
+++ b/salt/logstash/files/dynamic/9033_output_snort.conf
@@ -9,14 +9,14 @@
 # Last Update: 12/9/2016
 filter {
- if [event_type] == "snort" and "test_data" not in [tags] {
+ if [event_type] == "ids" and "test_data" not in [tags] {
 mutate {
 ##add_tag => [ "conf_file_9033"]
 }
 }
 }
 output {
- if [event_type] == "snort" and "test_data" not in [tags] {
+ if [event_type] == "ids" and "test_data" not in [tags] {
 #stdout { codec => rubydebug }
 elasticsearch {
 hosts => "{{ ES }}"
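Review bot: Events that still arrive with `event_type` set to "snort" no longer match either conditional (the one in `filter` and the one in `output`), so this block would skip them without any error. The parser that sets `event_type` is not part of this patch, so if any sensor or pipeline stage has not yet switched to "ids", its alerts may never reach Elasticsearch through this output. Accepting both values during the transition avoids that gap: `if [event_type] in ["ids", "snort"] and "test_data" not in [tags] {`. The header comment `# Last Update: 12/9/2016` is also stale after this change and should record the new date and the rename. The `elasticsearch` block continues outside the hunk, so the index and template settings could not be checked against the new type.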