From 27a2ff498eee34a84a062268b005365e23bcacfe Mon Sep 17 00:00:00 2001
From: Andrew <a@3ilson.com>
Date: Sat, 7 Sep 2019 12:19:25 -0400
Subject: [PATCH] Update 11-pf.conf

---
 11-pf.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/11-pf.conf b/11-pf.conf
index 211c13d..fc61eb5 100644
--- a/11-pf.conf
+++ b/11-pf.conf
@@ -32,7 +32,7 @@ filter {
               }
               grok {
                   patterns_dir => ["/etc/logstash/conf.d/patterns"]
-                  match => [ "message", "%{PF_SURICATA}"]
+                  match => [ "message", "%{SURICATA}"]
              }
                 if ![geoip] and [ids_src_ip] !~ /^(10\.|192\.168\.)/ {
                   geoip {
-- 
GitLab