[Bro] How to use logs-to-elasticsearch.bro

mz mz89924 at 126.com
Mon Feb 29 22:53:22 PST 2016

Dear all

I would like to use the logs-to-elasticsearch.bro script to log the Bro


My Bro Version: 2.4.1


1. If I use this script, is it true that Logstash is not needed and Bro will
send the logs directly to Elasticsearch?


2. I followed the official document:
https://www.bro.org/sphinx/components/bro-plugins/elasticsearch/README.html
and, as configured there, in /usr/local/bro/share/bro/site/local.bro I added
@load bro/ElasticSearch/logs-to-elasticsearch.bro. But it was not successful. In
addition to the configuration in the document, do I still need additional
