[Oisf-users] Suricata 2.0 Available!
Cooper F. Nelson
cnelson at ucsd.edu
Tue Mar 25 17:05:37 UTC 2014
Same problem I had previously, the embedded elasticsearch instance
doesn't start. Maybe it's something on my end.
I'll post an update if I figure this out.
On 3/25/2014 9:41 AM, Victor Julien wrote:
> On 03/25/2014 05:35 PM, Cooper F. Nelson wrote:
>> The current version of logstash is 1.4.0 and does not work with
>> this guide. Would it be possible to get it updated?
>
>> I'll offer to help in any way possible, with the caveat that I
>> haven't been able to get it to work myself.
>
> It works for me, however with one change. I'm using
> logstash-forwarder, and with this it seems the filter:
>
> filter {
>   date {
>     match => [ "timestamp", "ISO8601" ]
>   }
> }
>
> Doesn't work. If I have this, I see no logs, otherwise if I remove
> that, it works normally.
>
> My configs for reference: https://gist.github.com/inliniac/9765934
>
>
--
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042