[Bro] Logstash vs. Bro ElasticSearch Writer

Rosebraugh, Connar connar.rosebraugh at egov.com
Fri Jan 24 08:48:27 PST 2014

Hi all!

I am trying to decide if I should use the Bro ElasticSearch writer or Logstash for generating ElasticSearch logs. I found this great write-up on using Logstash for creating ElasticSearch logs: http://www.appliednsm.com/parsing-bro-logs-with-logstash/. What are the differences between the two? I know that Kibana has difficulty making sense of the ElasticSearch logs that Bro writes, especially with respect to the time that events occur.

Connar Rosebraugh