Merge pull request #9662 from Security-Onion-Solutions/fix/elasticsearch_ingest_pipeline_event.dataset_rename

Change event.dataset value for zeek.files and zeek.tunnels ingest pipelines

salt/elasticsearch/files/ingest/zeek.files

@@ -1,7 +1,7 @@
 {
   "description" : "zeek.files",
   "processors" : [
-    { "set": { "field": "event.dataset", "value": "files" } },
+    { "set": { "field": "event.dataset", "value": "file" } },
     { "remove":         { "field": ["host"],     "ignore_failure": true                                                                  } },
     { "json":		{ "field": "message",			"target_field": "message2",		"ignore_failure": true	} },
     { "rename": 	{ "field": "message2.fuid", 	 	"target_field": "log.id.fuid",			"ignore_missing": true 	} },

salt/elasticsearch/files/ingest/zeek.tunnels

@@ -1,7 +1,7 @@
 {
   "description" : "zeek.tunnels",
   "processors" : [
-    { "set": { "field": "event.dataset", "value": "tunnels" } },
+    { "set": { "field": "event.dataset", "value": "tunnel" } },
     { "remove":         { "field": ["host"],     "ignore_failure": true                                                                  } },
     { "json":		{ "field": "message",			"target_field": "message2",		"ignore_failure": true	} },
     { "rename": 	{ "field": "message2.tunnel_type", 	"target_field": "tunnel.type",		"ignore_missing": true 	} },