[Oisf-users] Suricata 2.0.8 -->Cannot get logs to SIEM

Brian Keefer chort at effu.se
Tue Jun 30 15:28:11 UTC 2015


On Jun 30, 2015, at 8:25 AM, Jeremy MJ <jskier at gmail.com> wrote:

>> Or you could just use Splunk with a Splunk Universal Forwarder and just eat the eve.json directly off the sensor ;-P
> 
> splunk has worked great with the eve logs for me (indexes JSON very
> cleanly), probably similar to logstash as well.
> 
> --
> Jeremy MJ
> 

+1 to this. It works great.

--
bk
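The Splunk Universal Forwarder setup the thread recommends, as an added configuration example that is not from the original post (the log path, index name and sourcetype name are assumptions; /var/log/suricata/eve.json is Suricata's usual default, but match it to the eve-log filename in suricata.yaml):

```ini
# inputs.conf on the sensor's Universal Forwarder (assumed paths/names)
# Tail eve.json directly off the sensor; the monitor input follows log rotation.
[monitor:///var/log/suricata/eve.json]
disabled = false
sourcetype = suricata:eve
index = suricata

# props.conf, deployed to the forwarder (for INDEXED_EXTRACTIONS) and to
# indexers/search heads (for line breaking, timestamps and KV_MODE).
[suricata:eve]
# One JSON event per line, never merge lines into multi-line events.
SHOULD_LINEMERGE = false
LINE_BREAKER = ([\r\n]+)
# Let Splunk parse the JSON fields instead of regex-extracting them.
INDEXED_EXTRACTIONS = json
KV_MODE = json
# Use Suricata's own "timestamp" field, e.g. 2015-06-30T15:28:11.123456+0000
TIMESTAMP_FIELDS = timestamp
TIME_FORMAT = %Y-%m-%dT%H:%M:%S.%6N%z
# Large alerts with payload/packet fields can exceed the 10000-byte default.
TRUNCATE = 100000
```

A quick check after deployment is searching `index=suricata sourcetype=suricata:eve event_type=alert` and confirming that `alert.signature` and `src_ip` appear as fields and that `_time` matches the event's `timestamp` rather than index time.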