[Bro] Bro Elasticsearch 2+
jlay at slave-tothe-box.net
Sat Nov 28 05:16:57 PST 2015
On Fri, 2015-11-27 at 22:14 +0100, Daniel Guerra wrote:
> I’ve been working a while on the Elasticsearch integration with Bro.
> There have been some issues like the timestamp, the Elastic 2.0 "no dot"
> rule, and the name/type changes in the logging (version …). See my changes
> in https://github.com/danielguerra69/bro-debian-elasticsearch/blob/master/Dockerfile
> It was made pragmatic; some changes were just a quick hack.
> The latest release is stable.
Thanks for this Daniel....I've been looking at the new ES as
well....seems like a large pain now...this will help me out.
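The two breaking changes Daniel mentions (Elasticsearch 2.0 rejecting dots in field names, and Bro's epoch-seconds `ts`) can be handled in a small shipper-side rewrite. The following is an added illustration, not code from the thread or from Daniel's Dockerfile; the record layout follows Bro's JSON conn.log, and the `@timestamp` target field name and epoch-millisecond convention are assumptions (ES 2.x date fields accept `epoch_millis` by default).

```python
import json

def to_es2_doc(record: dict) -> dict:
    """Return a copy of a Bro JSON log record that Elasticsearch 2.x will index.

    - Bro keys such as 'id.orig_h' contain dots, which ES 2.0 rejects as field
      names, so each dot becomes an underscore (assumed naming convention).
    - Bro's 'ts' is a float of epoch seconds; ES date fields accept epoch
      milliseconds, so 'ts' becomes an integer '@timestamp' in milliseconds.
    """
    doc = {}
    for key, value in record.items():
        if key == "ts":
            doc["@timestamp"] = int(round(float(value) * 1000))
            continue
        doc[key.replace(".", "_")] = value
    return doc

def convert_lines(lines):
    """Parse JSON-formatted Bro log lines and rewrite each one for ES 2.x."""
    return [to_es2_doc(json.loads(line)) for line in lines if line.strip()]

# Constructed sample conn.log line (RFC 5737 addresses, made-up uid).
SAMPLE_LINES = [
    '{"ts":1448680617.123456,"uid":"CxExampleUid0001","id.orig_h":"192.0.2.5",'
    '"id.orig_p":52101,"id.resp_h":"198.51.100.10","id.resp_p":443,"proto":"tcp"}',
]

if __name__ == "__main__":
    for doc in convert_lines(SAMPLE_LINES):
        print(json.dumps(doc))
```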