CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
8d2701e1436fa7da0f54223f5a3da753dbbe49ab
securityonion/salt/elasticsearch/files/ingest/zeek.traceroute
reyesj2 4bd83f8983 zeek traceroute & ntp 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2025-03-03 10:48:06 -06:00

11 lines
533 B
Plaintext
Raw Blame History

{
"description":"zeek.traceroute",
"processors":[
{"set": {"field":"event.dataset", "value":"traceroute" }},
{"json": {"field":"message", "target_field":"message2" }},
{"rename": {"field":"message2.src", "target_field":"source.ip", "ignore_missing":true,"ignore_failure":true}},
{"rename": {"field":"message2.dst", "target_field":"destination.ip", "ignore_missing":true,"ignore_failure":true}},
{"pipeline": {"name":"zeek.common"}}
]
}
Reference in New Issue View Git Blame Copy Permalink