Merge pull request #902 from ajpc500/develop
Update inputs.conf with Additional Zeek Logs
P4T12ICK authored Aug 12, 2024
2 parents 41134a8 + 59f861e commit 012bc27
Showing 1 changed file with 25 additions and 0 deletions.
25 changes: 25 additions & 0 deletions packer/ansible/roles/zeek_sensor/files/inputs.conf
@@ -1,6 +1,31 @@
[default]
host = zeek

[monitor:///opt/zeek/logs/current/weird.log]
_TCP_ROUTING = *
index = zeek
sourcetype = bro:weird:json

[monitor:///opt/zeek/logs/current/notice.log]
_TCP_ROUTING = *
index = zeek
sourcetype = bro:notice:json

[monitor:///opt/zeek/logs/current/ntlm.log]
_TCP_ROUTING = *
index = zeek
sourcetype = bro:ntlm:json

[monitor:///opt/zeek/logs/current/kerberos.log]
_TCP_ROUTING = *
index = zeek
sourcetype = bro:kerberos:json

[monitor:///opt/zeek/logs/current/dce_rpc.log]
_TCP_ROUTING = *
index = zeek
sourcetype = bro:dce_rpc:json

[monitor:///opt/zeek/logs/current/conn.log]
_TCP_ROUTING = *
index = zeek
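Review bot: The five added stanzas (weird, notice, ntlm, kerberos, dce_rpc) all assign `bro:*:json` sourcetypes, but nothing in this file records that the sensor has to be writing JSON logs for them to parse. If Zeek were left on its default TSV output, the events would presumably still be indexed while field extraction, and any detection built on the NTLM, Kerberos or DCE-RPC fields, would quietly return nothing. I would add a comment above the first new stanza, e.g. `# Requires Zeek JSON logging (LogAscii::use_json = T); the sourcetypes below assume JSON`. It is also worth saying there that weird.log and notice.log only exist once Zeek has something to report, so an empty sourcetype in the index does not by itself mean the input is broken. The conn.log stanza that follows continues outside the hunk, so its sourcetype could not be compared with the new ones.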
