CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

suricata capture_file

Browse Source
This commit is contained in:
reyesj2
2025-11-20 14:16:49 -06:00
parent 433dab7376
commit 6f42ff3442
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
salt/elasticsearch/files/ingest/suricata.common
View File

@@ -138,6 +138,13 @@
"ignore_failure": false "ignore_failure": false
} }
}, },
{
"rename": {
"field": "message2.capture_file",
"target_field": "suricata.capture_file",
"ignore_missing": true
}
},
{ {
"pipeline": { "pipeline": {
"if": "ctx?.event?.dataset != null", "if": "ctx?.event?.dataset != null",