CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add exclude filter for logs for when there are no results from analysis

Browse Source
This commit is contained in:
weslambert
2022-03-24 13:03:03 -04:00
committed by GitHub
parent 8a56c88773
commit fbc86f43ec
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
salt/filebeat/etc/filebeat.yml
View File

@@ -269,7 +269,7 @@ filebeat.inputs:
- type: filestream
paths:
- /nsm/rita/beacons.csv
exclude_lines: ['^Score', '^Source', '^Domain']
exclude_lines: ['^Score', '^Source', '^Domain', '^No results']
fields:
module: rita
dataset: beacon
@@ -285,7 +285,7 @@ filebeat.inputs:
paths:
- /nsm/rita/long-connections.csv
- /nsm/rita/open-connections.csv
exclude_lines: ['^Source']
exclude_lines: ['^Source', '^No results']
fields:
module: rita
dataset: connection
@@ -300,7 +300,7 @@ filebeat.inputs:
- type: filestream
paths:
- /nsm/rita/exploded-dns.csv
exclude_lines: ['^Domain']
exclude_lines: ['^Domain', '^No results']
fields:
module: rita
dataset: dns