[Bro] Bro dot problem
tgdesrochers at gmail.com
Wed Dec 23 13:36:17 PST 2015
In logstash/elasticsearch there is a de_dot filter that works quite well.
It has its bugs but it will get the work done.
On Dec 23, 2015 4:24 PM, "Vito Logrillo" <vitologrillo at gmail.com> wrote:
> Hi all,
> as you know, Elasticsearch is unable to manage fields with a dot
> Until now I've used the Bro json output: the output logs were sent to
> Elasticsearch through Logstash; from Elasticsearch 2.0 this is not
> Is there a way to substitute a dot with another character?
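An added example, not part of the original thread and not code from Bro or Logstash: one way to replace the dots in Bro JSON field names (such as id.orig_h) before the records reach Elasticsearch 2.0. The function names, the "_" separator and the sample record are assumptions made for illustration.

```python
import json

# Constructed sample: one line of Bro JSON conn.log output (values are made up).
SAMPLE = ('{"ts":1450906577.0,"uid":"CXWv6p3arKYeMETxOg",'
          '"id.orig_h":"192.0.2.10","id.orig_p":49152,'
          '"id.resp_h":"198.51.100.7","id.resp_p":443,"proto":"tcp"}')


def de_dot(obj, sep="_"):
    """Return a copy of obj with '.' in every dict key replaced by sep.

    Only keys are rewritten; values such as IP addresses keep their dots.
    Nested dicts and lists are walked recursively.
    """
    if isinstance(obj, list):
        return [de_dot(item, sep) for item in obj]
    if not isinstance(obj, dict):
        return obj
    out = {}
    for key, value in obj.items():
        new_key = key.replace(".", sep)
        # Refuse to merge two distinct fields silently, e.g. a record that
        # carries both "id.orig_h" and "id_orig_h": one would overwrite the
        # other and the indexed event would no longer match the sensor log.
        if new_key in out:
            raise ValueError("field name collision on %r" % new_key)
        out[new_key] = de_dot(value, sep)
    return out


def de_dot_line(line, sep="_"):
    """Rewrite one JSON log line; returns the de-dotted record as JSON text."""
    return json.dumps(de_dot(json.loads(line), sep))


if __name__ == "__main__":
    print(de_dot_line(SAMPLE))
```

Any saved searches or alerts written against the original Bro field names have to use the renamed fields after this step.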