From 7bc9681be863b5bc362bc80ebb87a5c30c85824b Mon Sep 17 00:00:00 2001 From: 9S <strrrn@gmail.com> Date: Thu, 19 Sep 2019 11:45:54 +0200 Subject: [PATCH] Update README.md --- README.md | 24 +++++++++++------------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 6732588..354c3e8 100644 --- a/README.md +++ b/README.md @@ -32,7 +32,7 @@ The result will look like this: # HOW TO USE ### LOGSTASH HOST -1. copy "/conf.d/20-dns-syslog.conf" to your logstash folder (usually /etc/logstash/) +1. copy "/conf.d/20-dns-syslog.conf" to your logstash folder (usually ```/etc/logstash/```) 1.1 if you have other files in this folder make sure to properly edit the input/output/filter sections to avoid matching our filebeat dns logs in these files which may be processed earlier. For testing purposes you can name your conf files like so: ``` 
@@ -41,19 +41,19 @@ The result will look like this: /conf.d/40-other2.conf ``` -This makes sure that /conf.d/20-dns-syslog.conf is beeing processed at the beginning. +This makes sure that ```/conf.d/20-dns-syslog.conf``` is beeing processed at the beginning. -2. customize "ELASTICSEARCHHOST:PORT" in the output section at the bottom of the file +2. customize ```ELASTICSEARCHHOST:PORT``` in the output section at the bottom of the file 3. copy "dns" to: ```/etc/logstash/patterns/``` create the folder if it does not exist 4. restart logstash ### PI-HOLE -5. copy "/etc/filebeat/filebeat.yml" to your filebeat installation at the pi-hole instance -6. customize "LOGSTASHHOST:5141" to match your logstash hostname/ip +5. copy ```/etc/filebeat/filebeat.yml``` to your filebeat installation at the pi-hole instance +6. customize ```LOGSTASHHOST:5141``` to match your logstash hostname/ip 7. restart filebeat -8. copy 99-pihole-log-facility.conf to /etc/dnsmasq.d/ +8. copy ```99-pihole-log-facility.conf to /etc/dnsmasq.d/``` 9. this is very important: restart pi-hole and ensure filebeat is sending logs to logstash before proceeding 10. You can verify this by: 11. at your filebeat instance: 
@@ -65,18 +65,16 @@ it should say "ok" on every step. 13. create the index pattern: ```Management -> Index patterns -> Create index pattern``` -14. type logstash-syslog-dns - it shound find one index -15. click next step and select @timezone +14. type ```logstash-syslog-dns``` - it shound find one index +15. click next step and select ```@timezone``` 16. Create index pattern 17. Once the index is created, verify that 79 fields are listed 18. click the curved arrows on the top left -19. import suitable "json/elk-hole *.json" for your version into kibana: management - saved objects - import -20. optionally select the correct index pattern: logstash-syslog-dns* +19. import suitable ```json/elk-hole *.json``` for your version into kibana: ```management - saved objects - import``` +20. optionally select the correct index pattern: ```logstash-syslog-dns*``` 21. delete any existing template matching our index name: ```DELETE /_template/logstash-syslog-dns*``` -22. import the template: paste the content of: -```logstash-syslog-dns-index.template_ELK7.x.json -into kibanas dev tools console +22. import the template: paste the content of: ```logstash-syslog-dns-index.template_ELK7.x.json``` into kibanas dev tools console 23. click the green triangle in the upper right of the pasted content (first line). Output should be: ``` { -- GitLab
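Review bot: in the first hunk (step 1 under LOGSTASH HOST), the destination /etc/logstash/ is now wrapped in triple backticks in the middle of a sentence, while the source file "/conf.d/20-dns-syslog.conf" on the same line is still in double quotes. Single backticks are the usual inline-code form and avoid any chance of a renderer treating the run as the start of a fenced block. Mark both paths on that line the same way so the step reads consistently.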
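Review bot: in the second hunk, the new step 8 puts the file name, the word "to" and the target directory inside one code span, so it renders as a single literal "99-pihole-log-facility.conf to /etc/dnsmasq.d/" that a reader may copy as one path. Close the span after 99-pihole-log-facility.conf and open a second one around /etc/dnsmasq.d/. The rewritten line about /conf.d/20-dns-syslog.conf also still carries the typo "beeing"; since the line is touched anyway, correct it to "being". Step 3 ("dns") keeps its double quotes while its neighbours are converted, which is worth aligning in the same pass.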
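Review bot: in the third hunk, step 15 now presents @timezone as a literal value in a code span, which tells the reader to select exactly that name; please confirm it matches the time field Kibana actually offers for this index pattern before formatting it as code. Step 14 is rewritten but still says "shound" instead of "should", and it gives the pattern as logstash-syslog-dns while step 20 gives logstash-syslog-dns* with a trailing wildcard, so pick one form for both steps. The merge of step 22 onto one line does close the previously unterminated code span, which is a good fix.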