[Oisf-users] Has anyone gotten suricata JSON logging working with logstash 1.4.0 yet?

Cooper F. Nelson cnelson at ucsd.edu
Sat Mar 22 20:23:58 UTC 2014



Would it be possible for you to send me your logstash.conf file (with
your hostnames/IPs removed)?  The web interface is working but doesn't
show any data.

-Coop

On 3/22/2014 1:01 PM, Eric Leblond wrote:
> Hello
> 
> Got it working. No big difficulty on the conf. Almost no change but
> the output to get a full working elasticsearch output.
> 
> BR,
> 
> On 22 March 2014 20:44, "Cooper F. Nelson" <cnelson at ucsd.edu> wrote:
>>
>> See subject.  I've tried the published guides and haven't had any
>> luck. If someone has a working logstash.conf file they could produce
>> that would be a big help.
> 

-- 
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042


