CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8275 from Security-Onion-Solutions/fix/filebeat_es_output_additions

Browse Source 
Specify outputs for Elasticsearch and Kibana for Eval and Import Mode
This commit is contained in:
weslambert
2022-07-11 19:03:07 -04:00
committed by GitHub
parent d828bbfe47 11d3ed36b7
commit e9a22d0aff
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
salt/filebeat/etc/filebeat.yml
View File

@@ -449,6 +449,12 @@ output.elasticsearch:
- index: "so-logscan" - index: "so-logscan"
when.contains: when.contains:
module: "logscan" module: "logscan"
- index: "so-elasticsearch-%{+YYYY.MM.dd}"
when.contains:
event.module: "elasticsearch"
- index: "so-kibana-%{+YYYY.MM.dd}"
when.contains:
event.module: "kibana"
setup.template.enabled: false setup.template.enabled: false
{%- else %} {%- else %}