From 1a844d13ba2e087e7609b873f7240a6f6ca34da7 Mon Sep 17 00:00:00 2001
From: t3chn0m4g3
Date: Wed, 27 Oct 2021 16:14:52 +0000
Subject: [PATCH] start integrating new honeypots into ELK
---
 docker/elk/logstash/dist/logstash.conf | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/docker/elk/logstash/dist/logstash.conf b/docker/elk/logstash/dist/logstash.conf
index df33abb0..46ea5e4e 100644
--- a/docker/elk/logstash/dist/logstash.conf
+++ b/docker/elk/logstash/dist/logstash.conf
@@ -517,6 +517,15 @@ filter {
 }
 }
 
+# Redishoneypot
+ if [type] == "Redishoneypot" {
+ date {
+ match => [ "time", "yyyy-MM-dd HH:mm:ss" ]
+ remove_field => ["time"]
+ remove_field => ["timestamp"]
+ }
+ }
+
 # NGINX
 if [type] == "NGINX" {
 date {
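Review bot: The new Redishoneypot `date` filter parses `time` with a pattern that has no zone offset (`yyyy-MM-dd HH:mm:ss`) and sets no `timezone`, so Logstash interprets the value in its own default zone. If the honeypot container and the Logstash container ever run with different zones, `@timestamp` on these events shifts by the offset and cross-sensor timelines stop lining up. If the honeypot writes UTC (not visible from this hunk), pin it with `timezone => "UTC"` inside the `date` block. Separately, the two `remove_field` lines depend on Logstash merging a repeated setting; a single `remove_field => ["time", "timestamp"]` states the intent without relying on that. Both removals only run when the parse succeeds, so it is worth watching for Redishoneypot events tagged `_dateparsefailure`, which keep the raw fields and an ingest-time `@timestamp`.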