CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-08 18:22:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Set RITA event.dataset value explicitly

Browse Source
This commit is contained in:
Wes
2023-01-24 18:00:34 +00:00
parent 38ead7cb82
commit 4b9c92c53d
3 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
salt/elasticsearch/files/ingest/rita.beacon
View File

@@ -3,8 +3,8 @@
"processors": [ "processors": [
{ {
"set": { "set": {
"field": "_index", "field": "event.dataset",
"value": "so-rita", "value": "beacon",
"override": true "override": true
} }
}, },

4
salt/elasticsearch/files/ingest/rita.connection
View File

@@ -3,8 +3,8 @@
"processors": [ "processors": [
{ {
"set": { "set": {
"field": "_index", "field": "event.dataset",
"value": "so-rita", "value": "connection",
"override": true "override": true
} }
}, },

4
salt/elasticsearch/files/ingest/rita.dns
View File

@@ -3,8 +3,8 @@
"processors": [ "processors": [
{ {
"set": { "set": {
"field": "_index", "field": "event.dataset",
"value": "so-rita", "value": "dns",
"override": true "override": true
} }
}, },