securityonion-elastic: set Zeek/Bro event_type to bro_*, zeek_*

Security-Onion-Solutions / security-onion

Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management

https://securityonion.net

3.06k stars 521 forks source link

Closed dougburks closed 4 years ago

dougburks commented 4 years ago

See if we can set event_type to both bro_blah and zeek_blah to allow user to search for either.

dougburks commented 4 years ago

Closing for now.