[Bro] which kafka plugin to use?
Erich M Nahum
nahum at us.ibm.com
Tue Aug 15 08:24:21 PDT 2017
> I do plan to go further and use the Kafka plugin to pipe into Logstash,
> but haven't gotten that far yet.
I'm now trying to integrate with Kafka but have questions.
The original kafka plugin, hosted at https://github.com/bro/bro-plugins, is
now gone.
This version built for me but I made the mistake of doing a git pull.
All that's left is a message that one should now use the package manager.
But there is no package for this yet.
When trying to build from the git tree at
https://github.com/g-clef/KafkaLogger,
I get the following build error:
[ 33%] Building CXX object
CMakeFiles/Kafka-KafkaWriter.linux-x86_64.dir/src/AddingJson.cc.o
/usr/src/KafkaLogger/src/AddingJson.cc:3:20: fatal error: config.h: No such
file or directory
compilation terminated.
CMakeFiles/Kafka-KafkaWriter.linux-x86_64.dir/build.make:80: recipe for
target 'CMakeFiles/Kafka-KafkaWriter.linux-x86_64.dir/src/AddingJson.cc.o'
failed
I don't see any config.h. I've tried building (configure --bro-dist) with
both bro-2.5 and bro-2.5.1
I see there's now a Metro fork of the kafka plugin at
https://github.com/apache/metron/tree/master/metron-sensors/bro-plugin-kafka
but I am reluctant to try it based on email comments that it is beta.
Any comments/suggestions?
Thanks,
-Erich
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170815/da07350d/attachment.html
More information about the Bro
mailing list