[Bro] filebeat +elk

Zeolla@GMail.com zeolla at gmail.com
Wed Mar 28 10:09:16 PDT 2018


Do you specifically need to send it to Logstash, or do you just need it to
get inserted into Elasticsearch?

Jon

On Wed, Mar 28, 2018 at 1:07 PM erik clark <philosnef at gmail.com> wrote:

> I am trying to ingest Bro 2.5 JSON logs into an ELK stack, using Filebeat
> to push the logs. Is that even the best way to do this? I have found MUCH
> outdated material on ingesting Bro logs into an ELK stack, but very little
> that is up to date, and some of which is up to date but is using older
> versions of software from elastic.co. If anyone has a modern Bro/ELK
> integration document they use(d) to set their environment up, it would be
> greatly appreciated if you could share. Thanks!
>
> Erik

-- 

Jon