jthoel at gmail.com
Tue Oct 22 10:16:17 PDT 2013
And Security Onion uses ELSA to do the same thing. ELSA is just a
moving target (changes a lot) but Martin is doing an awesome job
fixing things, adding features and helping people out.
ELSA has the benefit of being free with no limits, vs. Splunk's 500 MB/day.

On Tue, Oct 22, 2013 at 4:57 PM, James Lay <jlay at slave-tothe-box.net> wrote:
> Hey all!
> So...I'm looking for SOMETHING that will allow me to parse and
> aggregate Bro, Snort, and firewall logs. I've looked at Logstash, but
> the latest version seems poorly documented...everything that I wanted to
> try took ages to figure out. Anyone have anything that will accomplish
> something like this? Thanks all.