
Mapping Corelight or Zeek data to Elastic Common Schema fields

License: BSD-3-Clause (LICENSE, COPYING)

corelight/ecs-mapping


Corelight ECS Ingest Pipeline

This repository consists of the Ingest Pipeline files that are used by the installer script in the following repository:
https://github.com/corelight/ecs-templates

The installer in that repository downloads the files from this repository, so using this repository directly is neither required nor recommended.

License

The files and automation script are open-source under a BSD license. See COPYING for details.

GitHub Repository Definitions

Elasticsearch templates

https://github.com/corelight/ecs-templates

  • Elasticsearch index templates, component templates, ILM policies, settings, and mappings
  • Install Script

Logstash Pipelines

https://github.com/corelight/ecs-logstash-mappings

  • Logstash pipeline configurations

Ingest Pipelines (This Repository)

https://github.com/corelight/ecs-mapping

  • Ingest pipeline configurations

Kibana Dashboards and Visualizations

https://github.com/corelight/ecs-dashboards

Kibana Security Rules and Alerts

https://github.com/corelight/Elasticsearch_rules
