From 4dc9790391cd23a435f194314a7e8e7d86b30f3a Mon Sep 17 00:00:00 2001 From: Andrew <a@3ilson.com> Date: Mon, 30 Sep 2019 22:01:38 -0400 Subject: [PATCH] Update 13-snort.conf --- conf.d/13-snort.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf.d/13-snort.conf b/conf.d/13-snort.conf index 9b60c29..e5492ea 100644 --- a/conf.d/13-snort.conf +++ b/conf.d/13-snort.conf @@ -1,6 +1,6 @@ # 13-snort.conf filter { - if "pf" in [tags] and [application] =~ /^snort/ { + if "pf" in [tags] and [syslog_program] =~ /^snort/ { mutate { add_tag => [ "Snort" ] } -- GitLab