From 27a2ff498eee34a84a062268b005365e23bcacfe Mon Sep 17 00:00:00 2001 From: Andrew <a@3ilson.com> Date: Sat, 7 Sep 2019 12:19:25 -0400 Subject: [PATCH] Update 11-pf.conf --- 11-pf.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/11-pf.conf b/11-pf.conf index 211c13d..fc61eb5 100644 --- a/11-pf.conf +++ b/11-pf.conf @@ -32,7 +32,7 @@ filter { } grok { patterns_dir => ["/etc/logstash/conf.d/patterns"] - match => [ "message", "%{PF_SURICATA}"] + match => [ "message", "%{SURICATA}"] } if ![geoip] and [ids_src_ip] !~ /^(10\.|192\.168\.)/ { geoip { -- GitLab