add strelka index

2025-12-06 17:22:49 +01:00 · 2020-04-01 13:02:36 +00:00
parent d8f30a0240
commit 6cc757e1de
1 changed files with 3 additions and 0 deletions
--- a/salt/filebeat/etc/filebeat.yml
+++ b/salt/filebeat/etc/filebeat.yml
@@ -193,6 +193,9 @@ output.elasticsearch:
    - index: "so-ossec-%{+yyyy.MM.dd}"
      when.contains:
        module: "ossec"
+    - index: "so-strelka-%{+yyyy.MM.dd}"
+      when.contains:
+        module: "strelka"

 #output.logstash:
  # Boolean flag to enable or disable the output module.