so-zeek-logs

If you want to specify what Zeek logs are ingested, you can use so-zeek-logs. It will show you a list of all Zeek logs and you can specify which of those logs are ingested. Once you’ve made your selection, it will modify the Filebeat configuration for you.