[Bro] Couple elasticsearch questions

Mike Waite mfw113 at psu.edu
Wed Jul 23 17:39:58 PDT 2014

Take a look at 



On 7/23/14, 11:50 AM, James Lay wrote:

> I'm guessing I'm going to have to create something like the above grok 
> for each bro log file....which...is going to be a hoot ;)  I was hoping 
> that work was already done somewhere...and I think I had it working at 
> one time for conn.log that I posted here some time ago.  Thanks 
> again...after looking at the Brownian source I think I'm going to have 
> to just bite the bullet and generate the grok lines.
> James
