CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add event_data to common template so elastalert/playbook event_data fields can be indexed and searchable

Browse Source
This commit is contained in:
Wes Lambert
2021-05-03 17:03:30 +00:00
parent da19df5174
commit 619402cc67
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
salt/elasticsearch/templates/so/so-common-template.json
View File

@@ -228,7 +228,11 @@
"event":{
"type":"object",
"dynamic": true
},
},
"event_data":{
"type":"object",
"dynamic": true
},
"file":{
"type":"object",
"dynamic": true