[Bro] elastic search / bro questions
Seth Hall
seth at icir.org
Thu Nov 6 19:17:38 PST 2014
> On Nov 6, 2014, at 9:50 PM, M K <mkhan04 at gmail.com> wrote:
>
> Also, I wrote two custom writers a few months back, an AMQP writer and an ElasticSearch River writer, both of which wrote to an AMQP server (the latter of which made river compliant messages for direct ingestion into ES). They worked well under testing, but I didn't go any further with them since my pull request to the bro repo wasn't accepted.
Could you remind me of the ticket number? I don't recall that we rejected your patches, it's possible that we've just not had a motivator to drive the patches forward.
.Seth
--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro.org/
More information about the Bro
mailing list