infosecn1nja
/
HELK
mirror of https://github.com/infosecn1nja/HELK.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

updated logstash output to try two hosts

keyword-vs-text-changes
Roberto Rodriguez 2017-08-12 01:29:45 -04:00
parent bda7ab415a
commit 1453b3fea0
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
logstash/pipeline/50-elasticsearch-output.conf
View File

@ -1,7 +1,7 @@
output { output {
if [@metadata][source] == "winlogbeat" { if [@metadata][source] == "winlogbeat" {
elasticsearch { elasticsearch {
hosts => ["elasticsearch:9200"] hosts => ["elasticsearch:9200", "127.0.0.1:9200"]
sniffing => true sniffing => true
manage_template => false manage_template => false
index => "%{[@metadata][beat]}-%{+YYYY.MM.dd}" index => "%{[@metadata][beat]}-%{+YYYY.MM.dd}"