accidentally deleted this config

config/processors/log_elasticsearch.conf

@@ -0,0 +1,44 @@
+# Copyright [2021] [Cargill, Incorporated.]
+# SPDX-License-Identifier: Apache-2.0
+# Ansible alert web hook to logstash https listener
+input {
+  pipeline {
+    address => VAR_PIPELINE_NAME
+  }
+}
+filter {
+  mutate {
+    add_field => { "[event][module]" => "elasticsearch" }
+    add_field => { "[event][dataset]" => "elasticsearch.audit" }
+    copy => { "[beat][hostname]" => "[log][source][hostname]" }
+  }
+  mutate {
+    rename => {
+      "@timestamp" => "[event][created]"
+      "[input][type]" => "[file][type]"
+      "program" => "[event][kind]"
+      "source" => "[file][path]"
+      "destination" => "[file][target_path]"
+      "tags" => "[tags]"
+      "severity" => "[event][severity_name]"
+      "[beat][name]" => "[agent][name]"
+      "[beat][hostname]" => "[host][hostname]"
+      "[beat][version]" => "[agent][version]"
+      "service" => "[service][name]"
+      "thread" => "[process][thread][id]"
+      "role" => "[user][roles]"
+      "[fields][environment]" => "[group][name]"
+    }
+  }
+  date {
+    match => [ "[event][created]", "ISO8601" ]
+    target => "[event][created]"
+    tag_on_failure => "_dateparsefailure_ec"
+  }
+  mutate {
+    remove_field => [ "beat" , "input", "topic_name", "offset", "@version", "fields", "prospector", "level"]
+  }
+}
+output {
+  pipeline { send_to => [enrichments] }
+}