Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-03 07:08:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Make default index name 'bro'.

Browse source
This commit is contained in:
Vlad Grigorescu 2012-06-05 17:24:13 -04:00
parent 5db027e39f
commit a3b330dbc6
2 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
doc/logging-elasticsearch.rst
View file

@ -80,7 +80,7 @@ Bro's ElasticSearch writer comes with a few configuration options::
- server_port: What port to send the data to. Default 9200. - server_port: What port to send the data to. Default 9200.
- index_name: ElasticSearch indexes are like databases in a standard DB model. - index_name: ElasticSearch indexes are like databases in a standard DB model.
This is the name of the index to which to send the data. Default bro-logs. This is the name of the index to which to send the data. Default bro.
- type_prefix: ElasticSearch types are like tables in a standard DB model. This is a prefix that gets prepended to Bro log names. Example: type_prefix = "bro_" would create types "bro_dns", "bro_http", etc. Default: none. - type_prefix: ElasticSearch types are like tables in a standard DB model. This is a prefix that gets prepended to Bro log names. Example: type_prefix = "bro_" would create types "bro_dns", "bro_http", etc. Default: none.

2
scripts/base/frameworks/logging/writers/elasticsearch.bro
View file

@ -11,7 +11,7 @@ export {
const server_port = 9200 &redef; const server_port = 9200 &redef;
## Name of the ES index ## Name of the ES index
const index_name = "bro-logs" &redef; const index_name = "bro" &redef;
## The ES type prefix comes before the name of the related log. ## The ES type prefix comes before the name of the related log.
## e.g. prefix = "bro_" would create types of bro_dns, bro_software, etc. ## e.g. prefix = "bro_" would create types of bro_dns, bro_software, etc.