[Oisf-users] Suricata's files-json.log and Splunk
Marcos Rodriguez
marcos.e.rodriguez at gmail.com
Sat Apr 21 03:20:08 UTC 2012
On Fri, Apr 20, 2012 at 11:01 PM, Martin Holste <mcholste at gmail.com> wrote:
> Check out the framework in the contrib/file_processor
> directory which demos how to do some interesting things with the JSON
> file. If you want, I can code up a quick syslog forwarder plugin
> which would be suitable for sending to
> Splunk.
Hi Martin,
Ah, nice! I would love it, that would be a great resource if it's not too
much trouble. I'm really liking the multi-site md5 correlation features.
Thanks for the insight!
marcos