CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-05-06 03:17:53 +02:00
Code Issues Packages Projects Releases Wiki Activity

change reference from bro to zeek

Browse Source
This commit is contained in:
m0duspwnens
2020-07-17 14:41:44 -04:00
parent 74f6f2abee
commit e3efaee864
15 changed files with 60 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files
salt/filebeat/etc/filebeat.yml
+3 -3
View File
@@ -6,7 +6,7 @@
{%- set HOSTNAME = salt['grains.get']('host', '') %}
{%- set BROVER = salt['pillar.get']('static:broversion', 'COMMUNITY') %}
{%- set ZEEKVER = salt['pillar.get']('static:zeekversion', 'COMMUNITY') %}
{%- set WAZUHENABLED = salt['pillar.get']('static:wazuh', '0') %}
{%- set STRELKAENABLED = salt['pillar.get']('strelka:enabled', '0') %}
{%- set FLEETMANAGER = salt['pillar.get']('static:fleet_manager', False) -%}
@@ -100,8 +100,8 @@ filebeat.inputs:
- drop_fields:
fields: ["source", "prospector", "input", "offset", "beat"]
fields_under_root: true
{%- if BROVER != 'SURICATA' %}
{%- for LOGNAME in salt['pillar.get']('brologs:enabled', '') %}
{%- if ZEEKVER != 'SURICATA' %}
{%- for LOGNAME in salt['pillar.get']('zeeklogs:enabled', '') %}
- type: log
paths:
- /nsm/zeek/logs/current/{{ LOGNAME }}.log