[Oisf-users] Suricata 2.0 Available!
Victor Julien
victor at inliniac.net
Tue Mar 25 16:41:04 UTC 2014
On 03/25/2014 05:35 PM, Cooper F. Nelson wrote:
> The current version of logstash is 1.4.0 and does not work with
> this guide. Would it be possible to get it updated?
>
> I'll offer to help in any way possible, with the caveat that I
> haven't been able to get it to work myself.
It works for me, however with one change. I'm using
logstash-forwarder, and with this it seems the filter:
    filter {
      date {
        match => [ "timestamp", "ISO8601" ]
      }
    }
Doesn't work. If I have this, I see no logs, otherwise if I remove
that, it works normally.
My configs for reference: https://gist.github.com/inliniac/9765934
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------