[Bro] smb_files.log, logstash, and kibana

erik clark philosnef at gmail.com
Tue Aug 7 07:11:05 PDT 2018


Yes, I am using json output.


On Tue, Aug 7, 2018 at 9:36 AM, jose antonio izquierdo lopez <
jizquierdo at owlh.net> wrote:

> Hi, are you using bro - json output? If not, maybe this will make your life
> easier when integrating with ES.
>
>
>
> Best Regards,
>
> Jose Antonio Izquierdo
> m - +34 673 055 255
> skype - izquierdo.lopez <https://join.skype.com/invite/aHkpSVL1sz8Q>
>
>
>
>
>
> On Tue, Aug 7, 2018 at 2:43 PM erik clark <philosnef at gmail.com> wrote:
>
>> I have a field name collision on "path". Logstash is pushing into ES a
>> field of "path" with the file path on disk to the log being monitored.
>>
>> In smb_files.log, path refers to the path on disk of the file being
>> written by smb. How would this best be resolved?
>
>