{
  "description" : "suricata.smb",
  "processors" : [
    { "rename": 	{ "field": "message2.proto", 		"target_field": "network.transport",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.app_proto", 		"target_field": "network.protocol",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.smb.id", 		"target_field": "smb.id",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.smb.dialect", 		"target_field": "smb.dialect",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.smb.command", 		"target_field": "smb.command",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.smb.status", 		"target_field": "smb.status",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.smb.status_code", 		"target_field": "smb.status_code",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.smb.session_id", 		"target_field": "smb.session_id",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.smb.tree_id", 		"target_field": "smb.tree_id",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.smb.filename", 		"target_field": "smb.filename",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.smb.disposition", 		"target_field": "smb.disposition",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.smb.access", 		"target_field": "smb.access",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.smb.created", 		"target_field": "smb.created",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.smb.accessed", 		"target_field": "smb.accessed",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.smb.modified", 		"target_field": "smb.modified ",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.smb.changed", 		"target_field": "smb.changed",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.smb.size", 		"target_field": "smb.size",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.smb.share", 		"target_field": "smb.share",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.smb.share_type", 		"target_field": "smb.share_type",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.client_dialects", 		"target_field": "smb.client_dialects",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.client_guid", 		"target_field": "smb.client_guid",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.server_guid", 		"target_field": "smb.server_guid",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.request.native_us", 		"target_field": "smb.request.native_us",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.request.native_lm", 		"target_field": "smb.request.native_lm",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.response.native_os", 		"target_field": "smb.response.native_os",		"ignore_missing": true 	} },
    { "rename": 	{ "field": "message2.response.native_lm", 		"target_field": "smb.response.native_lm",		"ignore_missing": true 	} },
    { "pipeline": { "name": "common" } }
  ]
}