[Oisf-users] Has anyone gotten suricata JSON logging working with logstash 1.4.0 yet?
Cooper F. Nelson
cnelson at ucsd.edu
Sat Mar 22 20:23:58 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Would it be possible for you to send me your logstash.conf file (with
your hostnames/IPs removed)? The web interface is working but doesn't
show any data.
- -Coop
On 3/22/2014 1:01 PM, Eric Leblond wrote:
> Hello
>
> Got it working. No big difficulty on the conf. Almost no change but
> the output to get a full working elasticsearch output.
>
> BR,
>
> Le 22 mars 2014 20:44, "Cooper F. Nelson" <cnelson at ucsd.edu> a écrit
> :
>>
> See subject. I've tried the published guides and haven't had any
> luck. If someone has a working logstash.conf file they could produce
> that would be a big help.
>
>> _______________________________________________ Suricata IDS Users
>> mailing list: oisf-users at openinfosecfoundation.org Site:
>> http://suricata-ids.org | Support: http://suricata-ids.org/support/
>> List:
>> https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>> OISF: http://www.openinfosecfoundation.org/
- --
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJTLfFeAAoJEKIFRYQsa8FWZCQH/0qhvyCwe8VJ3ob5ftDuze39
FT2MX1W9QKvBVnod2sdo1EqwKAXcVv4mbNzsuz0YpcOH/gQXnQIW8fwmsld6nGn2
xBNkzPGkTkw8kjXosQlpHX9OXeI+E0ZhsRNe036LgTZ2PGpPPJm+A3o4ky9ArDLY
5lC60/lQ7nm/4YPsVE3vFR8LaFRK/3LEyryKBOLbTo4ybX8BzB8S6JwHqdd2UCQF
vXfV+LDR4l0PbyVrCK5dl2jD7niXc0/SAA5xaNni/cZjX6TjPUWuBRa9IZl/xCD5
RlgV/k4AoV5ElXNrh+7yLbZZjW+5XP1495s0IwHFA7XbLAP+AWKwzr3uGXmrNtc=
=IONB
-----END PGP SIGNATURE-----
More information about the Oisf-users
mailing list