[Oisf-users] Has anyone gotten suricata JSON logging working with logstash 1.4.0 yet?
Eric Leblond
eric at regit.org
Sat Mar 22 20:01:32 UTC 2014
Hello
Got it working. No big difficulty with the conf. Almost no change except the output, to get a fully working elasticsearch output.
BR,
On 22 March 2014 at 20:44, "Cooper F. Nelson" <cnelson at ucsd.edu> wrote:
>
> See subject. I've tried the published guides and haven't had any luck.
> If someone has a working logstash.conf file they could produce that
> would be a big help.
>
> - --
> Cooper Nelson
> Network Security Analyst
> UCSD ACT Security Team
> cnelson at ucsd.edu x41042