input {
  file {
    path => "/var/log/suricata/eve.json"
    codec => "json"
    type => "eve"
    start_position => "beginning"
  }
}

filter {
  mutate {
    # This is actually an illegal rename, Elastic does
    # not allow dots in field names.
    #rename => { "host" => "host.name" }
  }
}

output {
  elasticsearch {
    hosts => "http://elasticsearch:9200"
  }
}