CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Helix - Final Parser Fixes

Browse Source
This commit is contained in:
Mike Reeves
2019-12-13 13:59:29 -05:00
parent 684ab737bf
commit e49de63460
2 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/logstash/files/dynamic/9997_output_helix.conf
View File

@@ -27,9 +27,11 @@ filter {
#rename => { "%{[source_geo][country_code]}" => "srccountrycode" }
#rename => { "%{[destination_geo][country_code]}" => "dstcountrycode" }
rename => { "[beat_host][name]" => "sensor" }
copy => { "sensor" => "rawmsghostname" }
rename => { "message" => "rawmsg" }
#rename => { "event_type" => "program" }
copy => { "type" => "class" }
copy => { "class" => "program"}
rename => { "source_port" => "srcport" }
rename => { "destination_port" => "dstport" }
remove_field => ["source_ip", "destination_ip"]

1
setup/so-setup.sh
View File

@@ -153,6 +153,7 @@ if (whiptail_you_sure) ; then
RULESETUP=ETOPEN
NSMSETUP=BASIC
HNSENSOR=inherit
LS_HEAP_SIZE="1000m"
calculate_useable_cores
whiptail_make_changes
set_hostname