Merge pull request #102 from dougburks/master

incoming bro_tunnel logs should go to bro_tunnels
2025-12-06 09:12:45 +01:00 · 2019-09-24 14:04:01 -04:00
parent 8ccf3c9119 cb899943aa
commit d01acea307
1 changed files with 7 additions and 0 deletions
--- a/salt/elasticsearch/files/ingest/bro_tunnel
+++ b/salt/elasticsearch/files/ingest/bro_tunnel
@@ -0,0 +1,7 @@
+{
+  "description" : "bro_tunnel",
+  "processors" : [
+    { "set":		{ "field": "event_type", "value": "bro_tunnels"								} },
+    { "pipeline":       { "name": "bro_tunnels"                                                                                 } }
+  ]
+}