[Bro] Bro Elasticsearch 2+

James Lay jlay at slave-tothe-box.net
Sat Nov 28 05:16:57 PST 2015


On Fri, 2015-11-27 at 22:14 +0100, Daniel Guerra wrote:

> Hi,
> 
> 
> 
> I’ve been working a while on the elasticsearch integration with bro.
> There have been some issues like timestamp, the elastic 2.0 no dot
> and the name/type changes in the logging (version …). See my changes
> in https://github.com/danielguerra69/bro-debian-elasticsearch/blob/master/Dockerfile
> It was made pragmatic, some changes were just a quick hack.
> The latest release is stable.
> https://hub.docker.com/r/danielguerra/bro-debian-elasticsearch/
> 
> 
> Regards,
> 
> 
> Daniel
> 
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro


Thanks for this Daniel....I've been looking at the new ES as
well....seems like a large pain now...this will help me out.

James
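Two of the issues Daniel names above (Bro's float `ts` and field names with dots, which Elasticsearch 2.0 rejects) are easy to see in a small pre-indexing filter. The following is an added example, not code from the thread or from the bro-debian-elasticsearch image: it assumes the input is a line from Bro's ASCII writer with `LogAscii::use_json=T` (dotted keys such as `id.orig_h`, `ts` as epoch seconds), renames dotted keys to underscores, converts `ts` to ISO 8601 under `@timestamp`, and wraps the result in the two-line Elasticsearch bulk format. The sample record, the index name and the `_type` are constructed for illustration.

```python
import json
from datetime import datetime, timezone

# Constructed sample: one conn.log record in the shape Bro's ASCII writer
# emits with LogAscii::use_json=T (dotted keys, ts as float epoch seconds).
# The addresses, uid and counters are made up for this example.
SAMPLE_LINE = (
    '{"ts":1448686617.5,"uid":"CXWv6p3arKYeMETxOg",'
    '"id.orig_h":"192.168.1.10","id.orig_p":52331,'
    '"id.resp_h":"203.0.113.7","id.resp_p":443,'
    '"proto":"tcp","duration":0.512,"orig_bytes":1520,"resp_bytes":6130}'
)


def es2_field_name(name):
    """Elasticsearch 2.0 refuses to index documents whose field names
    contain a dot, so Bro's `id.orig_h` style keys must be renamed."""
    return name.replace(".", "_")


def bro_ts_to_iso(ts):
    """Bro writes `ts` as float epoch seconds. Elasticsearch's default
    date mapping does not parse that, so emit ISO 8601 in UTC instead."""
    return datetime.fromtimestamp(ts, tz=timezone.utc).strftime(
        "%Y-%m-%dT%H:%M:%S.%fZ"
    )


def convert_record(line):
    """Turn one Bro JSON log line into an ES 2.x safe document."""
    rec = json.loads(line)
    out = {}
    for key, value in rec.items():
        if key == "ts":
            out["@timestamp"] = bro_ts_to_iso(value)
            continue
        out[es2_field_name(key)] = value
    return out


def has_dotted_keys(doc):
    """Sanity check before indexing: ES 2.x will reject any dotted key."""
    return any("." in key for key in doc)


def to_bulk_lines(index, doc_type, doc):
    """Build the action/document pair the ES _bulk endpoint expects.
    Index and type names here are assumptions, not from the thread."""
    action = {"index": {"_index": index, "_type": doc_type}}
    return json.dumps(action) + "\n" + json.dumps(doc)


if __name__ == "__main__":
    doc = convert_record(SAMPLE_LINE)
    assert not has_dotted_keys(doc)
    print(to_bulk_lines("bro-conn", "conn", doc))
```

The output of the script is what you would pipe to `POST /_bulk`; the point of `has_dotted_keys` is to fail locally rather than discover the rejected document in the Elasticsearch error log.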