CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

add some more fields

Browse Source
This commit is contained in:
Wes Lambert
2020-03-24 03:43:31 +00:00
parent a01b0e44e1
commit 083c588a87
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
salt/elasticsearch/files/ingest/zeek.weird
View File

@@ -6,6 +6,9 @@
{ "rename": { "field": "message2.addl", "target_field": "weird.additional_info", "ignore_missing": true } },
{ "rename": { "field": "message2.notice", "target_field": "weird.notice", "ignore_missing": true } },
{ "rename": { "field": "message2.peer", "target_field": "weird.peer", "ignore_missing": true } },
{ "rename": { "field": "message2.p", "target_field": "weird.p", "ignore_missing": true } },
{ "rename": { "field": "message2.dst", "target_field": "destination.ip", "ignore_missing": true } },
{ "rename": { "field": "message2.src", "target_field": "source.ip", "ignore_missing": true } },
{ "pipeline": { "name": "zeek.common" } }
]
}