# Author: Justin Henderson
#         SANS Instructor and author of SANS SEC555: SIEM and Tactical Analytics
# Email: justin@hasecuritysolution.com
# Last Update: 12/9/2016

input {
  tcp {
    port => 6052
    type => "windows"
    tags => [ "json" ]
    codec =>   json {
      charset => "CP1252"
    }
  }
}
filter {
  if [type] == "windows" {
    mutate {
		#add_tag => [ "conf_file_0002"]
	}
  }
}