From 12f426d4f4bb80f58cc82fd7bb3a9766102f24d0 Mon Sep 17 00:00:00 2001
From: weslambert <wlambertts@gmail.com>
Date: Thu, 28 May 2020 12:59:41 -0400
Subject: [PATCH] Move eve.json to /nsm

---
 salt/suricata/files/suricata.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/salt/suricata/files/suricata.yaml b/salt/suricata/files/suricata.yaml
index d896167be..c87c75447 100644
--- a/salt/suricata/files/suricata.yaml
+++ b/salt/suricata/files/suricata.yaml
@@ -95,7 +95,7 @@ outputs:
   - eve-log:
       enabled: yes
       filetype: regular #regular|syslog|unix_dgram|unix_stream|redis
-      filename: eve.json
+      filename: /nsm/eve.json
       rotate-interval: day
       
       #prefix: "@cee: " # prefix to prepend to each log entry
@@ -1880,4 +1880,4 @@ reference-config-file: /etc/suricata/reference.config
 # Includes.  Files included here will be handled as if they were
 # inlined in this configuration file.
 #include: include1.yaml
-#include: include2.yaml
\ No newline at end of file
+#include: include2.yaml