Cyberdefense/VulnWhisperer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update 1000_nessus_process_file.conf

Browse Source
This commit is contained in:
Austin Taylor
2018-02-17 22:57:32 -05:00
committed by GitHub
parent 42e72c36dd
commit 13dbc79b27
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
logstash/1000_nessus_process_file.conf
View File

@ -4,6 +4,7 @@
# Version 0.3 # Version 0.3
# Description: Take in nessus reports from vulnWhisperer and pumps into logstash # Description: Take in nessus reports from vulnWhisperer and pumps into logstash
input { input {
file { file {
path => "/opt/vulnwhisperer/nessus/**/*" path => "/opt/vulnwhisperer/nessus/**/*"
@ -33,7 +34,8 @@ filter {
separator => "," separator => ","
source => "message" source => "message"
} }
#If using filebeats as your source, you will need to replace the "path" field to "source"
grok { grok {
match => { "path" => "(?<scan_name>[a-zA-Z0-9_.\-]+)_%{INT:scan_id}_%{INT:history_id}_%{INT:last_updated}.csv$" } match => { "path" => "(?<scan_name>[a-zA-Z0-9_.\-]+)_%{INT:scan_id}_%{INT:history_id}_%{INT:last_updated}.csv$" }
tag_on_failure => [] tag_on_failure => []