Can not access json.orig_bytes and json.resp_bytes in filebeat zeek's module

pakban3242 · May 10, 2023, 7:05am

Hi ,
i want to bring zeek logs to Elasticsearch , but this two modules are not included
json.orig_bytes","json.resp_bytes

i have changed this file /usr/share/filebeat/module/zeek/connection/config/connection.yml
and delete this twi fields form drop fields , but nothing happed !
could ant one guide me what should i do to bring this two fields .
thanks .

system · June 7, 2023, 9:05am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filebeat "zeek" module integration Beats beats-module , filebeat	2	500	January 30, 2020
I can't see Zeek's http.log in Kibana but everything else (DNS, SSL, etc.) is fine Beats filebeat	2	1558	March 2, 2020
Zeek Filebeat Module to Logstash JSON Logstash	2	703	October 22, 2019
Zeek module - other logs Beats filebeat	1	272	July 24, 2019
Filebeat zeek module shows no data Beats filebeat	1	282	August 24, 2022

Can not access json.orig_bytes and json.resp_bytes in filebeat zeek's module

Related topics