mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-07-02 21:12:11 +00:00
fix data fields with regard to the request field, log4pot, nginx
This commit is contained in:
t3chn0m4g3
parent
2226780086
commit
68d6aa4180
2 changed files with 33 additions and 21 deletions
6
docker/elk/logstash/dist/http_output.conf
vendored
6
docker/elk/logstash/dist/http_output.conf
vendored
|
|
@ -578,6 +578,7 @@ filter {
|
||||||
}
|
}
|
||||||
mutate {
|
mutate {
|
||||||
rename => {
|
rename => {
|
||||||
|
"request" => "request_uri"
|
||||||
"server_port" => "dest_port"
|
"server_port" => "dest_port"
|
||||||
"port" => "src_port"
|
"port" => "src_port"
|
||||||
"client" => "src_ip"
|
"client" => "src_ip"
|
||||||
|
|
@ -644,6 +645,11 @@ filter {
|
||||||
date {
|
date {
|
||||||
match => [ "timestamp", "ISO8601" ]
|
match => [ "timestamp", "ISO8601" ]
|
||||||
}
|
}
|
||||||
|
mutate {
|
||||||
|
rename => {
|
||||||
|
"request" => "request_data"
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
# Tanner
|
# Tanner
|
||||||
|
|
|
||||||
6
docker/elk/logstash/dist/logstash.conf
vendored
6
docker/elk/logstash/dist/logstash.conf
vendored
|
|
@ -578,6 +578,7 @@ filter {
|
||||||
}
|
}
|
||||||
mutate {
|
mutate {
|
||||||
rename => {
|
rename => {
|
||||||
|
"request" => "request_uri"
|
||||||
"server_port" => "dest_port"
|
"server_port" => "dest_port"
|
||||||
"port" => "src_port"
|
"port" => "src_port"
|
||||||
"client" => "src_ip"
|
"client" => "src_ip"
|
||||||
|
|
@ -644,6 +645,11 @@ filter {
|
||||||
date {
|
date {
|
||||||
match => [ "timestamp", "ISO8601" ]
|
match => [ "timestamp", "ISO8601" ]
|
||||||
}
|
}
|
||||||
|
mutate {
|
||||||
|
rename => {
|
||||||
|
"request" => "request_data"
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
# Tanner
|
# Tanner
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue