From 13dbc79b27e5dc0f036e82e78d63d1072368cee4 Mon Sep 17 00:00:00 2001
From: Austin Taylor <github@austintaylor.io>
Date: Sat, 17 Feb 2018 22:57:32 -0500
Subject: [PATCH] Update 1000_nessus_process_file.conf

---
 logstash/1000_nessus_process_file.conf | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/logstash/1000_nessus_process_file.conf b/logstash/1000_nessus_process_file.conf
index 019b696..ed0bc1e 100644
--- a/logstash/1000_nessus_process_file.conf
+++ b/logstash/1000_nessus_process_file.conf
@@ -4,6 +4,7 @@
 # Version 0.3
 # Description: Take in nessus reports from vulnWhisperer and pumps into logstash
 
+
 input {
   file {
     path => "/opt/vulnwhisperer/nessus/**/*"
@@ -33,7 +34,8 @@ filter {
       separator => ","
       source => "message"
     }
-
+    
+    #If using filebeats as your source, you will need to replace the "path" field to "source"
     grok {
       match => { "path" => "(?<scan_name>[a-zA-Z0-9_.\-]+)_%{INT:scan_id}_%{INT:history_id}_%{INT:last_updated}.csv$" }
       tag_on_failure => []