Updating logstash configuration

Kibana version fixed
Upgrade Wazuh Manager to 3.3.1 and Elastic Stack 6.3.0
2025-11-01 20:43:35 +00:00 · 2018-07-02 08:13:04 -05:00 · 2018-06-29 21:03:55 +02:00 · 2018-06-29 20:41:11 +02:00
6 changed files with 8 additions and 8 deletions
--- a/README.md
+++ b/README.md
@@ -15,7 +15,7 @@ In addition, a docker-compose file is provided to launch the containers mentione

 ## Current release

-Containers are currently tested on Wazuh version 3.3.1 and Elastic Stack version 6.2.4. We will do our best to keep this repository updated to latest versions of both Wazuh and Elastic Stack.
+Containers are currently tested on Wazuh version 3.3.1 and Elastic Stack version 6.3.0. We will do our best to keep this repository updated to latest versions of both Wazuh and Elastic Stack.

 ## Installation notes

--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -38,7 +38,7 @@ services:
    environment:
      - LS_HEAP_SIZE=2048m
  elasticsearch:
-    image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.2.4
+    image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.3.0
    hostname: elasticsearch
    restart: always
    ports:
--- a/kibana/Dockerfile
+++ b/kibana/Dockerfile
@@ -1,6 +1,6 @@
 # Wazuh App Copyright (C) 2018 Wazuh Inc. (License GPLv2)
-FROM docker.elastic.co/kibana/kibana-oss:6.2.4
-ARG WAZUH_APP_VERSION=3.3.0_6.2.4
+FROM docker.elastic.co/kibana/kibana-oss:6.3.0
+ARG WAZUH_APP_VERSION=3.3.1_6.3.0
 USER root

 ADD https://packages.wazuh.com/wazuhapp/wazuhapp-${WAZUH_APP_VERSION}.zip /tmp
--- a/logstash/Dockerfile
+++ b/logstash/Dockerfile
@@ -1,5 +1,5 @@
 # Wazuh App Copyright (C) 2018 Wazuh Inc. (License GPLv2)
-FROM docker.elastic.co/logstash/logstash-oss:6.2.4
+FROM docker.elastic.co/logstash/logstash-oss:6.3.0

 RUN rm -f /usr/share/logstash/pipeline/logstash.conf

--- a/logstash/config/01-wazuh.conf
+++ b/logstash/config/01-wazuh.conf
@@ -26,14 +26,14 @@ filter {
    geoip {
        source => "@src_ip"
        target => "GeoLocation"
-        fields => ["city_name", "continent_code", "country_code2", "country_name", "region_name", "location"]
+        fields => ["city_name", "country_name", "region_name", "location"]
    }
    date {
        match => ["timestamp", "ISO8601"]
        target => "@timestamp"
    }
    mutate {
-        remove_field => [ "timestamp", "beat", "input_type", "tags", "count", "@version", "log", "offset", "type","@src_ip"]
+        remove_field => ["timestamp", "beat", "input_type", "tags", "count", "@version", "log", "offset", "type", "@src_ip", "host"]
    }
 }
 output {
--- a/wazuh/Dockerfile
+++ b/wazuh/Dockerfile
@@ -1,6 +1,6 @@
 # Wazuh App Copyright (C) 2018 Wazuh Inc. (License GPLv2)
 FROM phusion/baseimage:latest
-ARG FILEBEAT_VERSION=6.2.4
+ARG FILEBEAT_VERSION=6.3.0
 ARG WAZUH_VERSION=3.3.1-1

 # Updating image
Author	SHA1	Message	Date
Miguelangel Freitas	4050621326	Updating logstash configuration	2018-07-02 08:13:04 -05:00
José Luis Ruiz Ruiz	36cc2607a7	Kibana version fixed	2018-06-29 21:03:55 +02:00
José Luis Ruiz Ruiz	b91e9ba308	Upgrade Wazuh Manager to 3.3.1 and Elastic Stack 6.3.0	2018-06-29 20:41:11 +02:00