CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Support document_id

Browse Source
This commit is contained in:
Wes
2023-11-01 13:36:32 +00:00
parent ae45d40eca
commit 4dc64400c5
1 changed files with 19 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
salt/logstash/pipelines/config/so/9805_output_elastic_agent.conf.jinja
View File

@@ -1,6 +1,21 @@
output { output {
if "elastic-agent" in [tags] { if "elastic-agent" in [tags] {
if [metadata][pipeline] { if [metadata][pipeline] {
if [metadata][_id] {
elasticsearch {
hosts => "{{ GLOBALS.manager }}"
ecs_compatibility => v8
data_stream => true
user => "{{ ES_USER }}"
password => "{{ ES_PASS }}"
document_id => "%{[metadata][_id]}"
pipeline => "%{[metadata][pipeline]}"
silence_errors_in_log => ["version_conflict_engine_exception"]
ssl => true
ssl_certificate_verification => false
}
}
else {
elasticsearch { elasticsearch {
hosts => "{{ GLOBALS.manager }}" hosts => "{{ GLOBALS.manager }}"
ecs_compatibility => v8 ecs_compatibility => v8
@@ -12,6 +27,7 @@ output {
ssl_certificate_verification => false ssl_certificate_verification => false
} }
} }
}
else { else {
elasticsearch { elasticsearch {
hosts => "{{ GLOBALS.manager }}" hosts => "{{ GLOBALS.manager }}"
@@ -25,4 +41,3 @@ output {
} }
} }
} }