Tighten & Document Pipelines

salt/logstash/pipelines/config/so/0013_input_lumberjack_fleet.conf

@@ -1,7 +1,7 @@
 input {
   elastic_agent {
     port => 5056
-    tags => [ "elastic-agent" ]
+    tags => [ "elastic-agent", "fleet-lumberjack-input" ]
     ssl => true
     ssl_certificate => "/usr/share/logstash/elasticfleet-lumberjack.crt"
     ssl_key => "/usr/share/logstash/elasticfleet-lumberjack.key"
@@ -10,9 +10,13 @@ input {
     codec => "json"
   }
 }
+
+
 filter {
+  if "fleet-lumberjack-input" in [tags] {
   mutate {
     rename => {"@metadata" => "metadata"}
   }
 }
+}