Commit Graph

19 Commits

| Author | SHA1 | Message | Date |
|---|---|---|---|
| reyesj2 | da9717bc79 | don't attempt rename if field doesn't exist -- reducing pipeline stat errors | 2025-11-14 08:15:40 -06:00 |
| reyesj2 | 431e0b0780 | format suricata.alert json | 2025-11-13 19:29:50 -06:00 |
| Josh Brower | b55cb257b6 | Add parsing for Playbook | 2025-05-19 13:25:27 -04:00 |
| Josh Brower | 0542c77137 | Remove wip config | 2025-05-14 16:35:09 -04:00 |
| Josh Brower | 9022dc24fb | Add Parsing for Playbooks | 2025-05-14 13:19:50 -06:00 |
| reyesj2 | 1396083b7d | use so-elasticsearch-query where possible; simplify suricata.alerts index reroute (Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>) | 2025-01-17 13:29:46 -06:00 |
| reyesj2 | 9032d7d7bc | any suricata.alert with event.imported: true remains in logs-import-so (Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>) | 2025-01-16 18:48:31 -06:00 |
| reyesj2 | 45d3438d18 | update ingest pipeline for imported logs (Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>) | 2025-01-16 17:33:14 -06:00 |
| Wes | 2c635bce62 | Set index for Suricata alerts | 2024-05-30 17:02:31 +00:00 |
| Wes | 5062dd2873 | Suricata Elasticsearch ingest node pipeline changes - set 'alert' dataset | 2023-01-11 14:02:09 +00:00 |
| Wes Lambert | f0a1457ffd | Update common.nids | 2020-10-07 15:14:08 +00:00 |
| Josh Brower | 52f7111e1d | Feature - low level alerts | 2020-07-09 13:53:55 -04:00 |
| Mike Reeves | 25aae21cf6 | Trying to get decoded packet | 2020-06-02 15:06:39 -04:00 |
| Mike Reeves | b507b87871 | Trying to get decoded packet | 2020-06-02 14:49:07 -04:00 |
| Mike Reeves | 3096d8d988 | Add more suricata ingest parser types | 2020-06-02 14:34:38 -04:00 |
| Mike Reeves | 0ea2252b5b | Add Suricata Flow pipeline | 2020-06-02 13:40:46 -04:00 |
| Mike Reeves | e63f39a9c4 | Rename dataset | 2020-06-02 11:58:14 -04:00 |
| Josh Brower | 62bec93190 | suricata parsing | 2020-05-12 14:04:02 -04:00 |
| Wes Lambert | c52220330b | modify pipelines | 2020-03-14 12:03:32 +00:00 |