From 12f0195f292f7e44f007e1b1f85da6e8fba3db08 Mon Sep 17 00:00:00 2001
From: reyesj2 <94730068+reyesj2@users.noreply.github.com>
Date: Mon, 17 Feb 2025 12:28:23 -0600
Subject: [PATCH] pfsense integration - keep suricata events

---
 salt/elasticsearch/files/ingest/logs-pfsense.log-1.20.2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/salt/elasticsearch/files/ingest/logs-pfsense.log-1.20.2 b/salt/elasticsearch/files/ingest/logs-pfsense.log-1.20.2
index 78a65b444..d12a03149 100644
--- a/salt/elasticsearch/files/ingest/logs-pfsense.log-1.20.2
+++ b/salt/elasticsearch/files/ingest/logs-pfsense.log-1.20.2
@@ -167,7 +167,7 @@
 },
 {
 "drop": {
- "if": "![\"filterlog\", \"openvpn\", \"charon\", \"dhcpd\", \"dhclient\", \"dhcp6c\", \"unbound\", \"haproxy\", \"php-fpm\", \"squid\", \"snort\"].contains(ctx.event?.provider)"
+ "if": "![\"filterlog\", \"openvpn\", \"charon\", \"dhcpd\", \"dhclient\", \"dhcp6c\", \"unbound\", \"haproxy\", \"php-fpm\", \"squid\", \"snort\", \"suricata\"].contains(ctx.event?.provider)"
 }
 },
 {
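Review bot: The provider allowlist in the `drop` processor's `if` is not documented in the pipeline itself, and any event whose `event.provider` is missing or not listed is discarded without a trace, so a later gap in Suricata alert coverage would be hard to notice. Ingest processors accept a `description` field; adding `"description": "Drop events from providers not listed here; suricata is kept on purpose"` next to `"if"` would record the intent where the next maintainer looks. The file name pins integration version 1.20.2, so presumably this edit has to be carried forward by hand when the integration is upgraded, which is worth confirming. The hunk does not show whether a later processor parses `suricata` messages; if none does, the events are kept but left unparsed. The processors array starts and ends outside the hunk.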