CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix zeek logs in filebeat

Browse Source
This commit is contained in:
Mike Reeves
2022-09-26 17:01:44 -04:00
parent ea8d9362ae
commit aa7dd47b00
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/filebeat/etc/filebeat.yml
View File

@@ -131,7 +131,7 @@ filebeat.inputs:
{%- if grains['role'] in ['so-eval', 'so-standalone', 'so-sensor', 'so-helix', 'so-heavynode', 'so-import'] %} {%- if grains['role'] in ['so-eval', 'so-standalone', 'so-sensor', 'so-helix', 'so-heavynode', 'so-import'] %}
{%- if ZEEKVER != 'SURICATA' %} {%- if ZEEKVER != 'SURICATA' %}
{%- for LOGNAME in salt['pillar.get']('zeeklogs:enabled', '') %} {%- for LOGNAME in salt['pillar.get']('filebeat:zeek_logs_enabled', '') %}
- type: filestream - type: filestream
id: zeek-{{ LOGNAME }} id: zeek-{{ LOGNAME }}
paths: paths: