From 663b509e903dfb4c6f1fdcf3d97e917b5ff796c7 Mon Sep 17 00:00:00 2001
From: t3chn0m4g3 <t3chn0m4g3@gmail.com>
Date: Mon, 9 Dec 2024 19:44:15 +0100
Subject: [PATCH] go-pot: - remove conflicting field ("type") - ranme duration
=> session_duration
---
docker/elk/logstash/dist/http_output.conf | 3 +++
docker/elk/logstash/dist/logstash.conf | 3 +++
docker/go-pot/dist/config.yml | 2 +-
3 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/docker/elk/logstash/dist/http_output.conf b/docker/elk/logstash/dist/http_output.conf
index 0bbda4fc..d3dd5716 100644
--- a/docker/elk/logstash/dist/http_output.conf
+++ b/docker/elk/logstash/dist/http_output.conf
@@ -520,6 +520,9 @@ filter {
}
mutate {
remove_field => ["ts"]
+ rename => {
+ "duration" => "session_duration"
+ }
}
}
diff --git a/docker/elk/logstash/dist/logstash.conf b/docker/elk/logstash/dist/logstash.conf
index c1b450a4..7f30e746 100644
--- a/docker/elk/logstash/dist/logstash.conf
+++ b/docker/elk/logstash/dist/logstash.conf
@@ -512,6 +512,9 @@ filter {
}
mutate {
remove_field => ["ts"]
+ rename => {
+ "duration" => "session_duration"
+ }
}
}
diff --git a/docker/go-pot/dist/config.yml b/docker/go-pot/dist/config.yml
index 714154db..c8ab9082 100644
--- a/docker/go-pot/dist/config.yml
+++ b/docker/go-pot/dist/config.yml
@@ -56,7 +56,7 @@ server:
# - device_brand: The type of device of the client (Inferred from the user agent)
# - phase: "start" or "end" depending on the phase of the request
# - duration: The duration of the request in milliseconds (Only available as a part of the end phase of a request)
- fields_to_log: "timestamp,id,status,src_ip,method,path,qs,dest_port,type,host,user_agent,browser,browser_version,os,os_version,device,device_brand,phase,duration"
+ fields_to_log: "timestamp,id,status,src_ip,method,path,qs,dest_port,host,user_agent,browser,browser_version,os,os_version,device,device_brand,phase,duration"
# Configuration for logging related settings for go-pot
logging: