From a8b3b1d791162655f884446f9ada383f8d072c17 Mon Sep 17 00:00:00 2001 From: David Gidwani Date: Thu, 24 Aug 2017 09:19:22 -0400 Subject: [PATCH] added timestamp_fields configuration option --- beater/nessusbeat.go | 4 ++++ config/config.go | 7 ++++--- nessusbeat.full.yml | 1 + nessusbeat.yml | 1 + 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/beater/nessusbeat.go b/beater/nessusbeat.go index badb10f..e543d46 100644 --- a/beater/nessusbeat.go +++ b/beater/nessusbeat.go @@ -186,6 +186,10 @@ func (bt *Nessusbeat) Run(b *beat.Beat) error { "see_also": record[11], "plugin_output": record[12], } + timestampFields := strings.Split(bt.config.TimestampFields, ",") + for _, field := range timestampFields { + event[strings.TrimSpace(field)] = event["@timestamp"] + } bt.client.PublishEvent(event) } } diff --git a/config/config.go b/config/config.go index 6db5c40..35b3239 100644 --- a/config/config.go +++ b/config/config.go @@ -4,14 +4,15 @@ package config type Config struct { - CaCertPath string `config:"cacert_path"` + CaCertPath string `config:"cacert_path"` ReportPath string `config:"report_path"` NessusApiUrl string `config:"api_url"` NessusApiUsername string `config:"api_username"` NessusApiPassword string `config:"api_password"` + TimestampFields string `config:"timestamp_fields"` } var DefaultConfig = Config{ - ReportPath: "/opt/nessus/var/nessus/users/admin/reports", - NessusApiUrl: "https://localhost:8834", + ReportPath: "/opt/nessus/var/nessus/users/admin/reports", + NessusApiUrl: "https://localhost:8834", } diff --git a/nessusbeat.full.yml b/nessusbeat.full.yml index 63a7fcb..1286b51 100644 --- a/nessusbeat.full.yml +++ b/nessusbeat.full.yml @@ -8,6 +8,7 @@ nessusbeat: #api_url: #api_username: #api_password: + #timestamp_fields: name: nessusbeat diff --git a/nessusbeat.yml b/nessusbeat.yml index 7b2cbf5..ccefc62 100644 --- a/nessusbeat.yml +++ b/nessusbeat.yml @@ -8,6 +8,7 @@ nessusbeat: #api_url: #api_username: #api_password: + #timestamp_fields: name: nessusbeat