Hi!
How can I change the filebeat default index name while using Suricata module?
Appreciated!
When u setup filebeat u can customize the index alias or index name to whatever u want. Be aware that the dashboards will still be set to the filebeat-* index pattern.
And is it possible to set dashboards to the new index pattern?
you can manually change the dashboard json files or change the dashboards after they're loaded into kibana. But changing the index name/alias in the filebeat config doesn't affect the dashboards.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.