CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Correct indentation in filebeat.yaml

Browse Source
This commit is contained in:
Jason Ertel
2020-07-01 15:39:23 -04:00
parent 549fd93cba
commit d6feafb12a
2 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
salt/common/tools/sbin/so-import-pcap Normal file → Executable file
View File

10
salt/filebeat/etc/filebeat.yml
View File

@@ -127,11 +127,11 @@ filebeat.inputs:
category: network
imported: true
processors:
- dissect:
tokenizer: "/nsm/import/%{import_id}/zeek/logs/%{import_source}"
field: "source"
target_prefix: ""
- drop_fields:
- dissect:
tokenizer: "/nsm/import/%{import_id}/zeek/logs/%{import_source}"
field: "source"
target_prefix: ""
- drop_fields:
fields: ["source", "prospector", "input", "offset", "beat"]
fields_under_root: true