[Bro] Bro and Splunk forwarder
fatema bannatwala
fatema.bannatwala at gmail.com
Tue May 1 13:52:38 PDT 2018
Hi Joseph,
Just wanted to get clarity, are you running Splunk forwarder on the manager
of your Bro cluster?
If yes, then how are you monitoring the log files generated by bro in
current dir (i.e. contents of your inputs.conf of Splunk Forwarder)?
I believe, Splunk monitoring should work just fine on the bro log files on
manager.
Fatema.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20180501/755889ff/attachment.html
More information about the Bro
mailing list