[Oisf-users] Has anyone gotten suricata JSON logging working with logstash 1.4.0 yet?
Peter Manev
petermanev at gmail.com
Sun Mar 23 00:16:46 UTC 2014
On Sat, Mar 22, 2014 at 11:17 PM, Peter Manev <petermanev at gmail.com> wrote:
> On Sat, Mar 22, 2014 at 9:01 PM, Eric Leblond <eric at regit.org> wrote:
>> Hello
>>
>> Got it working. No big difficulty on the conf. Almost no change but the output to get a full working elasticsearch output.
>
>
> How did you get it working?
> Some more details would be nice, since i am having troubles as well on
> a clean installation.
>
In my case ->
It works fine if you just install everything separately (ES, logstash,
Kibana). If you try the "all in one" approach ... you get the strange
behavior of no errs but no log digestion...
--
Regards,
Peter Manev
More information about the Oisf-users
mailing list