filebeat.inputs:
- type: log
  enabled: true
  paths:
    - /var/log/suricata/eve.json
  json.keys_under_root: true
  overwrite_keys: true

output.elasticsearch:
  hosts: ["http://elasticsearch:9200"]