mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-14 21:22:48 +01:00
18 lines
426 B
Plaintext
18 lines
426 B
Plaintext
# Author: Doug Burks
|
|
#
|
|
# Last Update: 09/24/2018
|
|
#
|
|
# This conf file is for beat data
|
|
|
|
filter {
|
|
if "beat" in [tags] {
|
|
mutate {
|
|
# As of beats 6.3.0, host is now an object:
|
|
# https://www.elastic.co/guide/en/beats/libbeat/current/release-notes-6.3.0.html
|
|
# This creates a conflict with our existing host string.
|
|
# So let's rename the host object to beat_host.
|
|
rename => { "host" => "beat_host" }
|
|
}
|
|
}
|
|
}
|