remove glastopf

docker/elk/logstash/dist/logstash.conf

@@ -64,12 +64,6 @@ input {
     type => "ElasticPot"
   }
 
-# Glastopf
-  file {
-    path => ["/data/glastopf/log/glastopf.log"]
-    type => "Glastopf"
-  }
-
 # Glutton
   file {
     path => ["/data/glutton/log/glutton.log"]
@@ -271,17 +265,6 @@ filter {
     }
   }
 
-# Glastopf
-  if [type] == "Glastopf" {
-    grok {
-      match => [ "message", "\A%{TIMESTAMP_ISO8601:timestamp}%{SPACE}%{NOTSPACE}%{SPACE}%{IP:src_ip}%{SPACE}%{WORD}%{SPACE}%{URIPROTO:http_method}%{SPACE}%{NOTSPACE:http_uri}%{SPACE}%{NOTSPACE}%{SPACE}%{HOSTNAME}:%{NUMBER:dest_port:integer}" ]
-    }
-    date {
-      match => [ "timestamp", "yyyy-MM-dd HH:mm:ss,SSS" ]
-      remove_field => ["timestamp"]
-    }
-  }
-
 # Glutton
   if [type] == "Glutton" {
     date {
@@ -434,7 +417,7 @@ if "_grokparsefailure" in [tags] { drop {} }
   }
 
 # Add T-Pot hostname and external IP
-  if [type] == "Adbhoney" or [type] == "Ciscoasa" or [type] == "ConPot" or [type] == "Cowrie" or [type] == "Dionaea" or [type] == "ElasticPot" or [type] == "Fatt" or [type] == "Glastopf" or [type] == "Glutton" or [type] == "Honeytrap" or [type] == "Heralding" or [type] == "Honeypy" or [type] == "Mailoney" or [type] == "Medpot" or [type] == "P0f" or [type] == "Rdpy" or [type] == "Suricata" or [type] == "Tanner" {
+  if [type] == "Adbhoney" or [type] == "Ciscoasa" or [type] == "ConPot" or [type] == "Cowrie" or [type] == "Dionaea" or [type] == "ElasticPot" or [type] == "Fatt" or [type] == "Glutton" or [type] == "Honeytrap" or [type] == "Heralding" or [type] == "Honeypy" or [type] == "Mailoney" or [type] == "Medpot" or [type] == "P0f" or [type] == "Rdpy" or [type] == "Suricata" or [type] == "Tanner" {
     mutate {
       add_field => {
         "t-pot_ip_ext" => "${MY_EXTIP}"