You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the feature:
Allow a dropdown to change what index pattern an Elastic created visualization uses.
Describe a specific use case for the feature:
We have created a Suricata module for Filebeat but we'd like to swap off of that to use the built-in Elastic Suricata module for Filebeat if possible. Mainly because it is maintained by Elastic and comes with some prebuilt visualizations.
During testing, we identified that the index pattern for the dashboards must be filebeat-*. While it's fine to have this when it ships, we don't use that index pattern format for our Suricata data.
It'd be great if there was some way to select the index pattern that you're going to use for the Elastic provided visualizations.
The text was updated successfully, but these errors were encountered:
Describe the feature:
Allow a dropdown to change what index pattern an Elastic created visualization uses.
Describe a specific use case for the feature:
We have created a Suricata module for Filebeat but we'd like to swap off of that to use the built-in Elastic Suricata module for Filebeat if possible. Mainly because it is maintained by Elastic and comes with some prebuilt visualizations.
During testing, we identified that the index pattern for the dashboards must be
filebeat-*. While it's fine to have this when it ships, we don't use that index pattern format for our Suricata data.It'd be great if there was some way to select the index pattern that you're going to use for the Elastic provided visualizations.
The text was updated successfully, but these errors were encountered: