diff --git a/config/syslog-ng.conf.d/bind-dns.conf b/config/syslog-ng.conf.d/bind-dns.conf
index e333dba..f85bac2 100644
--- a/config/syslog-ng.conf.d/bind-dns.conf
+++ b/config/syslog-ng.conf.d/bind-dns.conf
@@ -51,7 +51,7 @@ parser p_bind_client_ip_geoip2_city {
 geoip2(
 "${bind9.client.ip}",
 prefix( "geoip2.source." )
- database( "../GeoIP/GeoLite2-City.mmdb" )
+ database( "GeoIP/GeoLite2-City.mmdb" )
 );
 };

diff --git a/config/syslog-ng.conf.d/nginx.conf b/config/syslog-ng.conf.d/nginx.conf
index 048ac14..faa00d1 100644
--- a/config/syslog-ng.conf.d/nginx.conf
+++ b/config/syslog-ng.conf.d/nginx.conf
@@ -40,7 +40,7 @@ parser p_nginx_client_ip_geoip2_city {
 geoip2(
 "${nginx.client.ip}",
 prefix( "geoip2.source." )
- database( "../GeoIP/GeoLite2-City.mmdb" )
+ database( "GeoIP/GeoLite2-City.mmdb" )
 );
 };

diff --git a/config/syslog-ng.conf.d/unifi.conf b/config/syslog-ng.conf.d/unifi.conf
index 12585fa..c17a667 100644
--- a/config/syslog-ng.conf.d/unifi.conf
+++ b/config/syslog-ng.conf.d/unifi.conf
@@ -20,7 +20,7 @@ parser p_fw_src_ip_geoip2_city {
 geoip2(
 "${kv.SRC}",
 prefix( "geoip2.source." )
- database( "../GeoIP/GeoLite2-City.mmdb" )
+ database( "GeoIP/GeoLite2-City.mmdb" )
 );
 };

@@ -28,7 +28,7 @@ parser p_fw_dst_ip_geoip2_city {
 geoip2(
 "${kv.DST}",
 prefix( "geoip2.destination." )
- database( "../GeoIP/GeoLite2-City.mmdb" )
+ database( "GeoIP/GeoLite2-City.mmdb" )
 );
 };

@@ -36,7 +36,7 @@ parser p_suricata_dest_ip_geoip2_city {
 geoip2(
 "${suricata.dest_ip}",
 prefix( "geoip2.destination." )
- database( "../GeoIP/GeoLite2-City.mmdb" )
+ database( "GeoIP/GeoLite2-City.mmdb" )
 );
 };

@@ -44,7 +44,7 @@ parser p_suricata_src_ip_geoip2_city {
 geoip2(
 "${suricata.src_ip}",
 prefix( "geoip2.source." )
- database( "../GeoIP/GeoLite2-City.mmdb" )
+ database( "GeoIP/GeoLite2-City.mmdb" )
 );
 };

@@ -62,7 +62,7 @@ destination d_unifi_suricata {
 --exclude DATE @timestamp=${ISODATE})")
 persist-name("d_unifi_suricata")
 );
-}
+};

 destination d_unifi_bash_history {
 elasticsearch-http(
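Review bot: The new `database( "GeoIP/GeoLite2-City.mmdb" )` value in p_bind_client_ip_geoip2_city is still a relative path, so which file is opened presumably depends on the working directory syslog-ng is started from rather than on where the config lives; the same applies to the nginx.conf hunk and the four geoip2 parsers in unifi.conf (each parser's opening line is visible only in the @@ header, outside the hunk). For enrichment that feeds DNS, firewall and Suricata records, an absolute path is more predictable and avoids loading a database from whatever directory the daemon happens to run in, e.g. `database( "<ABSOLUTE_CONFIG_DIR>/GeoIP/GeoLite2-City.mmdb" )`, where the prefix is a placeholder for the deployment's real location. Because the literal is repeated six times across three files, consider defining it once with `@define geoip2_city_db "<ABSOLUTE_CONFIG_DIR>/GeoIP/GeoLite2-City.mmdb"` and referencing that variable in each `database()` option, so the next relocation is a one-line change. It is also worth confirming how startup behaves when the file is missing, so that a wrong path fails loudly instead of quietly dropping the geoip2.* fields that downstream searches rely on.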