go-pot:

- remove conflicting field ("type") - ranme duration => session_duration
simily00 · Dec 9, 2024 · 663b509 · 663b509
1 parent c710aa8
commit 663b509
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 1 deletion.
diff --git a/docker/elk/logstash/dist/http_output.conf b/docker/elk/logstash/dist/http_output.conf
@@ -520,6 +520,9 @@ filter {
     }
     mutate {
       remove_field => ["ts"]
+      rename => {
+        "duration" => "session_duration"
+      }
     }
   }
 

diff --git a/docker/elk/logstash/dist/logstash.conf b/docker/elk/logstash/dist/logstash.conf
@@ -512,6 +512,9 @@ filter {
     }
     mutate {
       remove_field => ["ts"]
+      rename => {
+        "duration" => "session_duration"
+      }
     }
   }
 

diff --git a/docker/go-pot/dist/config.yml b/docker/go-pot/dist/config.yml
@@ -56,7 +56,7 @@ server:
     #   - device_brand: The type of device of the client (Inferred from the user agent)
     #   - phase: "start" or "end" depending on the phase of the request
     #   - duration: The duration of the request in milliseconds (Only available as a part of the end phase of a request)
-    fields_to_log: "timestamp,id,status,src_ip,method,path,qs,dest_port,type,host,user_agent,browser,browser_version,os,os_version,device,device_brand,phase,duration"
+    fields_to_log: "timestamp,id,status,src_ip,method,path,qs,dest_port,host,user_agent,browser,browser_version,os,os_version,device,device_brand,phase,duration"
 
 # Configuration for logging related settings for go-pot
 logging: