# Author: Justin Henderson
#         SANS Instructor and author of SANS SEC555: SIEM and Tactical Analytics
# Email: justin@hasecuritysolution.com
# Last Update: 12/9/2016

filter {
  if [test] == "test" {
    mutate {
      remove_field => [ "test" ]
      add_tag => [ "test_data" ]
    }
	mutate {
		#add_tag => [ "conf_file_1998"]
	}
  }
}