[Oisf-users] Suricata's files-json.log and Splunk
Martin Holste
mcholste at gmail.com
Sat Apr 21 03:01:19 UTC 2012
Check out the framework in the contrib/file_processor
directory which demos how to do some interesting things with the JSON
file. If you want, I can code up a quick syslog forwarder plugin
which would be suitable for sending to Splunk.
On Fri, Apr 20, 2012 at 4:52 PM, Marcos Rodriguez
<marcos.e.rodriguez at gmail.com> wrote:
> Hi Everyone,
>
> Just out of curiosity, has anyone played with ingesting files-json.log into
> Splunk? If so, how is that working out? I may play around with that,
> since we're a Splunk shop for part of our research activities. I just
> wanted to see how people are using the new JSON output. Thanks!
>
> marcos
>
> _______________________________________________
> Oisf-users mailing list
> Oisf-users at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
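As an added example (not Martin's proposed plugin and not the contrib/file_processor framework): a minimal stand-alone forwarder that reads files-json.log lines, skips malformed ones, and ships each event as a syslog line to a UDP input such as Splunk's. The sensor name, facility and the sample log lines are constructed assumptions, not output captured from Suricata.

```python
"""Forward Suricata files-json.log events to a UDP syslog collector (e.g. Splunk)."""
import json
import socket
import time

FACILITY_LOCAL0 = 16   # assumed facility; adjust to match the Splunk UDP input
SEVERITY_INFO = 6

# Constructed sample lines in the shape of files-json.log (one JSON object per
# line); the second line is deliberately truncated to exercise the skip path.
SAMPLE_LOG = [
    '{"timestamp": "04/20/2012-16:52:01.123456", "ipver": 4, "srcip": "10.0.0.5", '
    '"dstip": "192.0.2.10", "protocol": 6, "sp": 51234, "dp": 80, '
    '"http_uri": "/setup.exe", "http_host": "files.example.invalid", '
    '"filename": "setup.exe", "magic": "PE32 executable", "state": "CLOSED", '
    '"md5": "<md5-placeholder>", "stored": false, "size": 40960}',
    '{"timestamp": "04/20/2012-16:52:02.000000", "ipver": 4, "srcip"',
]


def parse_line(line):
    """Return the event dict for one log line, or None if it is not a JSON object."""
    try:
        event = json.loads(line)
    except ValueError:
        return None
    return event if isinstance(event, dict) else None


def to_syslog(event, hostname="sensor01", app="suricata-files"):
    """Wrap one event as an RFC 3164 line; the JSON body stays intact for Splunk to parse."""
    pri = FACILITY_LOCAL0 * 8 + SEVERITY_INFO
    ts = time.strftime("%b %d %H:%M:%S")
    return "<%d>%s %s %s: %s" % (pri, ts, hostname, app, json.dumps(event, sort_keys=True))


def forward(lines, host, port):
    """Send every well-formed line to host:port over UDP; return (sent, skipped) counts."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sent = skipped = 0
    for line in lines:
        event = parse_line(line)
        if event is None:
            skipped += 1      # malformed or partially written line: count it, do not crash
            continue
        sock.sendto(to_syslog(event).encode("utf-8"), (host, port))
        sent += 1
    sock.close()
    return sent, skipped


if __name__ == "__main__":
    # Loopback demo: a local UDP receiver stands in for the Splunk input.
    rx = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    rx.bind(("127.0.0.1", 0))
    host, port = rx.getsockname()
    print(forward(SAMPLE_LOG, host, port))
    print(rx.recv(65535).decode("utf-8"))
    rx.close()
```

In production the lines would come from tailing files-json.log rather than SAMPLE_LOG, and the receiver would be a Splunk UDP data input with a JSON source type.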