Update articles/sentinel/summary-rules.md

batamig · web-flow · commit a051b1a046ac · 2024-07-30T20:05:29.000+03:00
diff --git a/articles/sentinel/summary-rules.md b/articles/sentinel/summary-rules.md
@@ -300,6 +300,7 @@ This procedure describes a sample process for using summary rules with [auxiliar
             add_field => {"LogstashVersion" => "${LOGSTASH_VERSION}"}     
           } 
           prune { 
+            whitelist_names => [ "Message", "TimeGenerated", "Activity", "LogSeverity",     "CefVersion", "DeviceVendor", "DeviceProduct", "DeviceVersion", "DeviceEventClassID"] 
           } 
         } 
          output { 

Original file line number	Diff line number	Diff line change
`@@ -300,6 +300,7 @@ This procedure describes a sample process for using summary rules with [auxiliar`
`300`	`300`	`add_field => {"LogstashVersion" => "${LOGSTASH_VERSION}"}`
`301`	`301`	`}`
`302`	`302`	`prune {`
	`303`	`+ whitelist_names => [ "Message", "TimeGenerated", "Activity", "LogSeverity", "CefVersion", "DeviceVendor", "DeviceProduct", "DeviceVersion", "DeviceEventClassID"]`
`303`	`304`	`}`
`304`	`305`	`}`
`305`	`306`	`output {`