diff --git a/salt/logstash/pipelines/config/so/9050_output_elasticsearch.jinja b/salt/logstash/pipelines/config/so/9050_output_elasticsearch.jinja
index 5013bafc1..eb0d8ef0c 100644
--- a/salt/logstash/pipelines/config/so/9050_output_elasticsearch.jinja
+++ b/salt/logstash/pipelines/config/so/9050_output_elasticsearch.jinja
@@ -4,15 +4,17 @@
 {%- set ES = salt['pillar.get']('elasticsearch:mainip', '') -%}
 {%- endif %}
 output {
- if [module] =~ "suricata" and "import" not in [tags] {
- elasticsearch {
- pipeline => "%{module}.%{dataset}"
- hosts => "{{ ES }}"
- index => "so-ids"
- template_name => "so-ids"
- template => "/templates/so-ids-template.json"
- ssl => true
- ssl_certificate_verification => false
- }
- }
+ if [event][module] == 'elasticsearch' {
+ elasticsearch {
+ id => "elastic_logs"
+ pipeline => "filebeat-%{[agent][version]}-elasticsearch-%{[fileset][name]}-pipeline"
+ hosts => "{{ ES }}"
+ index => "so-grid-%{+YYYY.MM.dd}"
+ template_name => "so-common"
+ template => "/templates/so-common-template.json"
+ template_overwrite => true
+ ssl => true
+ ssl_certificate_verification => false
+ }
+ }
 }
diff --git a/salt/logstash/pipelines/config/so/9400_output_suricata.conf.jinja b/salt/logstash/pipelines/config/so/9400_output_suricata.conf.jinja
index 999b270cf..b56f35a29 100644
--- a/salt/logstash/pipelines/config/so/9400_output_suricata.conf.jinja
+++ b/salt/logstash/pipelines/config/so/9400_output_suricata.conf.jinja
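Review bot: The new `elastic_logs` output in 9050_output_elasticsearch.jinja keeps `ssl_certificate_verification => false`, so the connection to `{{ ES }}` is encrypted but the Elasticsearch host is never authenticated; whatever answers on that address receives the grid's logs. I would point the output at the CA that signs the Elasticsearch certificate and turn verification on: `cacert => "<path to CA bundle — placeholder>"` together with `ssl_certificate_verification => true`. The same setting appears as unchanged context in 9400_output_suricata.conf.jinja. Whether a CA file is available inside the Logstash container is not visible in this diff, so that needs confirming first.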
@@ -4,15 +4,15 @@
 {%- set ES = salt['pillar.get']('elasticsearch:mainip', '') -%}
 {%- endif %}
 output {
- if [event][module] =~ "suricata" and "import" not in [tags] {
+ if [module] =~ "suricata" and "import" not in [tags] {
 elasticsearch {
- pipeline => "filebeat-%{[agent][version]}-suricata-%{[fileset][name]}-pipeline"
+ pipeline => "%{module}.%{dataset}"
 hosts => "{{ ES }}"
 index => "so-ids"
- template_name => "so-ids-%{+YYYY.MM.dd}"
+ template_name => "so-ids"
 template => "/templates/so-ids-template.json"
 ssl => true
 ssl_certificate_verification => false
 }
 }
-}
+}
\ No newline at end of file
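Review bot: The condition `[module] =~ "suricata"` is an unanchored regex match, so any event whose `module` merely contains that string takes this output, and the ingest pipeline name `%{module}.%{dataset}` is then built from the same event fields. If `dataset` is missing, Logstash leaves the literal `%{dataset}` in the name, and Elasticsearch will presumably reject the request for an unknown pipeline. I would use an exact comparison and require the field, e.g. `if [module] == "suricata" and [dataset] and "import" not in [tags] {`. The commit also drops the newline at the end of the file, which is worth restoring.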