[Bro] Web GUI for Bro?

project722 project722 at gmail.com
Wed Jan 25 05:48:32 PST 2017


Thanks All. I am looking into ELK.

On Tue, Jan 24, 2017 at 2:44 AM, Kevin Ross <kevross33 at googlemail.com>
wrote:

> As said before, ELK is your best bet. Here is a link that may interest you.
> The learning curve may be steep but it is worth it in the end (assuming you
> are putting this together yourself and not an all-in-one solution that
> provides it for you) when you can query logs as easily as a Google search
> and visualise.
>
> https://www.elastic.co/blog/bro-ids-elastic-stack
>
> Also you could use Security Onion and it uses ELSA to present these logs
> although my preference these days because of its easier ability I find to
> add in new data sources would be ELK (i.e. once you understand Logstash and
> parsing logs you can easily parse any log you have to correlate Bro, IDS,
> network and even host logs).
>
> https://github.com/mcholste/elsa
> http://blog.bro.org/2012/01/monster-logs.html
>
> On 21 January 2017 at 11:54, project722 <project722 at gmail.com> wrote:
>
>> Got Bro 2.4.1 working on a RHEL 6 system. Can anyone provide suggestions
>> on what I should use as a web GUI for Bro? What are the best options out
>> there? NOTE - my version of Bro was compiled from source.