start integrating new honeypots into ELK

2025-04-20 06:02:24 +00:00 · 2021-10-27 16:14:52 +00:00 · 2021-10-27 16:14:52 +00:00 · 1a844d13ba
commit 1a844d13ba
parent 348a5d572b
1 changed files with 9 additions and 0 deletions
--- a/docker/elk/logstash/dist/logstash.conf
+++ b/docker/elk/logstash/dist/logstash.conf
@ -517,6 +517,15 @@ filter {
    }
  }

+# Redishoneypot
+  if [type] == "Redishoneypot" {
+    date {
+      match => [ "time", "yyyy-MM-dd HH:mm:ss" ]
+      remove_field => ["time"]
+      remove_field => ["timestamp"]
+    }
+  }
+
 # NGINX
  if [type] == "NGINX" {
    date {