Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Filebeat] Refactor Suricata pipeline to use Ingest Node more #22291

Merged
merged 4 commits into from
Nov 5, 2020
Merged

[Filebeat] Refactor Suricata pipeline to use Ingest Node more #22291

merged 4 commits into from
Nov 5, 2020

Commits on Nov 2, 2020

  1. Refactor the Suricata module pipeline to use Ingest Node more 

    Refactor the Suricata module pipeline to use Ingest Node more. I moved most
processing from Beat processors to Ingest Node. I created a DNS and TLS
pipeline to house all of the processing for those protocols respectively.

Other changes
- Added DNS response IPs to `related.ip`.
- Some DNS events were missing `dns.header_flags`.
    @andrewkroh
    andrewkroh committed Nov 2, 2020
    Configuration menu
    Copy the full SHA
    abd075e View commit details
    Browse the repository at this point in the history

  2. Merge branch 'master' into feature/suricata-ingest-node

    @andrewkroh
    andrewkroh authored Nov 2, 2020
    Configuration menu
    Copy the full SHA
    9e5a614 View commit details
    Browse the repository at this point in the history

Commits on Nov 5, 2020

  1. Use script with params

    @andrewkroh
    andrewkroh committed Nov 5, 2020
    Configuration menu
    Copy the full SHA
    c86b906 View commit details
    Browse the repository at this point in the history

  2. Merge branch 'feature/suricata-ingest-node' of github.com:andrewkroh/… 

    …beats into feature/suricata-ingest-node
    @andrewkroh
    andrewkroh committed Nov 5, 2020
    Configuration menu
    Copy the full SHA
    2b0cd1d View commit details
    Browse the repository at this point in the history