Hi,<div><br></div><div>I am not sure if you have seen it:</div><div><a href="https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Custom_http_logging">https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Custom_http_logging</a></div>
<div><br></div><div>But there is a possibility for custom (Apache) logging - so actually any tool/software that can parse Apache logs would be able to do the job for you.</div><div><br></div><div>Thanks<br><br><div class="gmail_quote">
On Thu, Sep 27, 2012 at 9:41 PM, Martin Holste <span dir="ltr">&lt;<a href="mailto:mcholste@gmail.com" target="_blank">mcholste@gmail.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
ELSA will handle this out of the box:<br>
<a href="http://code.google.com/p/enterprise-log-search-and-archive/" target="_blank">http://code.google.com/p/enterprise-log-search-and-archive/</a> You will<br>
need to use the "unix_dgram" option and log to /dev/log, then have a<br>
rule for your local syslogger to send to ELSA.<br>
<div><div class="h5"><br>
On Thu, Sep 27, 2012 at 11:03 AM, Brant Wells &lt;<a href="mailto:bwells@tfc.edu">bwells@tfc.edu</a>&gt; wrote:<br>
> Hi All,<br>
><br>
><br>
><br>
> I was just wondering if there was anyone doing any kind of log parsing for<br>
> the HTTP_LOG file generated by Suricata?<br>
><br>
><br>
><br>
> If you are, what app are you using, et al?<br>
><br>
><br>
><br>
> Thanks!<br>
> ~Brant<br>
><br>
><br>
><br>
><br>
</div></div>> _______________________________________________<br>
> Oisf-users mailing list<br>
> <a href="mailto:Oisf-users@openinfosecfoundation.org">Oisf-users@openinfosecfoundation.org</a><br>
> <a href="https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users" target="_blank">https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users</a><br>
><br>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div>Regards,</div>
<div>Peter Manev</div><br>
</div>