[Oisf-users] streaming http.log elsewhere via some mechanism

Martin Holste mcholste at gmail.com
Tue Nov 15 20:35:59 UTC 2011


Either syslog-ng or rsyslog will perform this task nicely.  In
syslog-ng, you can use the file() source like this:

source s_suri_http { file("/path/to/http.log"); };
destination d_remote_syslog { udp("remote.syslog.server"); };
log { source(s_suri_http); destination(d_remote_syslog); };

On Tue, Nov 15, 2011 at 1:43 PM, corenor <corenor at gmail.com> wrote:
> This is not a Suricata question exactly.  I have Suricata configured to
> store an http log, which is pretty nice. Related to this I am looking for
> recommendations for streaming this to a logging server.
>
> Also the format looks pretty standard but also wondering if it follows any
> existing format for proxy logs etc.
>
> Regards,
>
> Michael
>
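
The rsyslog counterpart of the syslog-ng snippet in the reply above, as an added example that is not part of the original message. It assumes an rsyslog version with RainerScript syntax (v7 or later); the config file name, tag, facility and ruleset name are illustrative choices, and the path and server name are the placeholders from the reply.

```conf
# /etc/rsyslog.d/suricata-http.conf   (file name is an assumption)

# Load the text-file input module so rsyslog can follow plain log files.
module(load="imfile")

# Follow Suricata's http.log; each new line becomes one syslog message.
# Tag, Severity and Facility are illustrative, not Suricata defaults.
input(type="imfile"
      File="/path/to/http.log"
      Tag="suricata-http:"
      Severity="info"
      Facility="local5"
      ruleset="fwd_suri_http")

# Dedicated ruleset: only the lines read above are forwarded, and they
# are kept out of the sensor's own local syslog files.
ruleset(name="fwd_suri_http") {
    # Same transport as the syslog-ng udp() destination. UDP syslog has
    # no delivery guarantee and no encryption; protocol="tcp" is the
    # drop-in alternative when lost HTTP records matter.
    action(type="omfwd"
           target="remote.syslog.server"
           port="514"
           protocol="udp")
}
```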


