[Oisf-users] Suricata 2.0.8 -->Cannot get logs to SIEM
Brian Keefer
chort at effu.se
Tue Jun 30 15:28:11 UTC 2015
On Jun 30, 2015, at 8:25 AM, Jeremy MJ <jskier at gmail.com> wrote:
>> Or you could just use Splunk with a Splunk Universal Forwarder and just eat the eve.json directly off the sensor ;-P
>
> splunk has worked great with the eve logs for me (indexes JSON very
> cleanly), probably similar to logstash as well.
>
> --
> Jeremy MJ
>
+1 to this. It works great.
--
bk
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20150630/dac9d572/attachment.sig>
More information about the Oisf-users
mailing list