Merge pull request #14531 from Security-Onion-Solutions/2.4/saltlogs

Extract log level and drop INFO level
2025-12-06 09:12:45 +01:00 · 2025-04-11 07:47:25 -04:00
parent 270958ddfc f94c81a041
commit 4217e23272
1 changed files with 2 additions and 1 deletions
--- a/salt/elasticfleet/files/integrations/grid-nodes_general/system-grid-nodes.json
+++ b/salt/elasticfleet/files/integrations/grid-nodes_general/system-grid-nodes.json
@@ -31,7 +31,8 @@
            ],
            "tags": [
              "so-grid-node"
-            ]
+            ],
+            "processors": "- if:\n    contains:\n      message: \"salt-minion\"\n  then: \n    - dissect:\n        tokenizer: \"%{} %{} %{} %{} %{} %{}: [%{log.level}] %{*}\"\n        field: \"message\"\n        trim_values: \"all\"\n        target_prefix: \"\"\n    - drop_event:\n        when:\n          equals:\n            log.level: \"INFO\"",
          }
        }
      }