From cac7cdcec6288a92703880c87fb0a699b71cf283 Mon Sep 17 00:00:00 2001
From: Marco Ochse
Date: Mon, 17 Jan 2022 17:10:48 +0100
Subject: [PATCH] fix data fields with regard to the request field, log4pot, nginx
---
 docker/elk/logstash/dist/http_output.conf | 6 ++++++
 docker/elk/logstash/dist/logstash.conf | 6 ++++++
 2 files changed, 12 insertions(+)
diff --git a/docker/elk/logstash/dist/http_output.conf b/docker/elk/logstash/dist/http_output.conf
index 7ba380c2..7a27cc4f 100644
--- a/docker/elk/logstash/dist/http_output.conf
+++ b/docker/elk/logstash/dist/http_output.conf
@@ -578,6 +578,7 @@ filter {
 }
 mutate {
 rename => {
+ "request" => "request_uri"
 "server_port" => "dest_port"
 "port" => "src_port"
 "client" => "src_ip"
@@ -644,6 +645,11 @@ filter {
 date {
 match => [ "timestamp", "ISO8601" ]
 }
+ mutate {
+ rename => {
+ "request" => "request_data"
+ }
+ }
 }

 # Tanner
diff --git a/docker/elk/logstash/dist/logstash.conf b/docker/elk/logstash/dist/logstash.conf
index 63fd324e..304f705d 100644
--- a/docker/elk/logstash/dist/logstash.conf
+++ b/docker/elk/logstash/dist/logstash.conf
@@ -578,6 +578,7 @@ filter {
 }
 mutate {
 rename => {
+ "request" => "request_uri"
 "server_port" => "dest_port"
 "port" => "src_port"
 "client" => "src_ip"
@@ -644,6 +645,11 @@ filter {
 date {
 match => [ "timestamp", "ISO8601" ]
 }
+ mutate {
+ rename => {
+ "request" => "request_data"
+ }
+ }
 }

 # Tanner
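Review bot: The new `"request" => "request_uri"` entry in the first hunk of http_output.conf (and its identical copy in logstash.conf) carries no comment saying which log source it belongs to or why the field is renamed; the enclosing conditional starts outside the hunk, so this cannot be read off the visible lines. A line above the `mutate` such as `# request holds the requested URI for this source; renamed so it does not share a field name with sources where request carries other data` would record the intent. Saved searches, dashboards or alert rules that still query `request` for this source will presumably return nothing after the rename without raising an error, so they should be checked against `request_uri` as part of the same change.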
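Review bot: The `mutate` block added after the `date` filter in the second hunk gives the same source field a second target name, `request_data`, while the first hunk uses `request_uri`, and neither place documents the distinction; a comment such as `# request is the raw request captured by this source, kept apart from request_uri` would make it explicit. Judging by the subject line this is the log4pot section, where the value would be whatever the remote client sent, so anything that renders or forwards `request_data` should treat it as untrusted input. Both files receive identical hunks at identical line numbers, which suggests the filter section is maintained twice; keeping it in one shared file would stop the two copies drifting apart. The enclosing conditional starts outside the hunk.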