mirror of
https://github.com/valitydev/SigmaHQ.git
synced 2024-11-06 09:25:17 +00:00
16 lines
345 B
YAML
16 lines
345 B
YAML
|
logsources:
|
||
|
|
apache:
|
||
|
|
category: webserver
|
||
|
|
index: logstash-apache-*
|
||
|
|
webapp-error:
|
||
|
|
category: application
|
||
|
|
index: logstash-apache_error-*
|
||
|
|
linux-auth:
|
||
|
|
product: linux
|
||
|
|
service: auth
|
||
|
|
index: logstash-auth-*
|
||
|
|
fieldmappings:
|
||
|
|
client_ip: clientip
|
||
|
|
url: request
|
||
|
|
defaultindex: logstash-*
|