# Original Author: Justin Henderson
#         SANS Instructor and author of SANS SEC555: SIEM and Tactical Analytics
# Updated by: Doug Burks
# Last Update: 5/15/2017

input {
  tcp {
    port => 6050
    codec =>   json
    tags => "syslogng"
  }
}
filter {
  if "syslogng" in [tags] {
	mutate {
	  #add_tag => [ "conf_file_0000"]
	}
  }  
}