[Bro] How to use logs-to-elasticsearch.bro

mz mz89924 at 126.com
Mon Feb 29 22:53:22 PST 2016


Dear all

I would like to use the logs-to-elasticsearch.bro script to log Bro to
Elasticsearch.

My Bro version: 2.4.1

1. If I use this script, do I not need Logstash? Will Bro send its logs
directly to Elasticsearch?

2. I followed the official document:
https://www.bro.org/sphinx/components/bro-plugins/elasticsearch/README.html
and, in /usr/local/bro/share/bro/site/local.bro, added
@load bro/ElasticSearch/logs-to-elasticsearch.bro. But it was not successful.
In addition to the configuration in the document, is any additional
configuration still needed?
