From f4b1fd066470a76604bdaeaaab56e804a50d6de5 Mon Sep 17 00:00:00 2001 From: Eric Fontana Date: Tue, 29 Jul 2014 13:40:45 -0400 Subject: [PATCH] Filters markdown --- Filters.md | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 Filters.md diff --git a/Filters.md b/Filters.md new file mode 100644 index 0000000..0cff8c3 --- /dev/null +++ b/Filters.md @@ -0,0 +1,28 @@ +# Filters +The following filters are provided. + + +| Filter | Description +| :---------------- |:----------------------------------------------------------------------- +| *[grok][1]* |Similar to the logstash grok filter +| *date* |Format of the "Data" binary field. +| *mutate* |Behavior when event messages or event category names cannot be resolved. +Example Input: +```json +{ + "TimberWinR": { + "Inputs": { + "WindowsEvents": [ + { + "source": "System,Application", + "binaryFormat": "PRINT", + "resolveSIDS": true + } + ] + } + } +} +``` + + + [1]: http://logstash.net/docs/1.4.2/filters/grok \ No newline at end of file
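Review bot: the descriptions for the *date* and *mutate* rows in the filter table do not describe those filters ("Format of the \"Data\" binary field" and "Behavior when event messages or event category names cannot be resolved" read like the `binaryFormat` and `resolveSIDS` input options), and the "Example Input" block that follows is a `TimberWinR.Inputs.WindowsEvents` configuration rather than a `Filters` configuration; please replace the two descriptions with what *date* and *mutate* actually do and show an example that exercises the filters this page documents. Two smaller points: put a blank line between the last table row and `Example Input:` so the table is terminated before the paragraph in strict markdown renderers, and add the missing trailing newline flagged by `\ No newline at end of file`.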