[Zeek] Zeek ELK integration

Mitra, Shaibal smitra at ucn.ca
Fri Feb 14 13:13:20 PST 2020


I am running the latest Zeek version. I have set up an ELK stack on a different Ubuntu server, installed Filebeat (all version 7), and enabled the Zeek plugin. I am porting Zeek JSON logs to the Ubuntu server and pointing Filebeat to the log location. I am not getting any display of top DNS, top URL, etc. There is only a number of sessions over time display, which never changes. Is the Filebeat Zeek plugin only for Zeek 2.6 version?

Thanks

IT Network Systems Administrator
The Pas Campus
Ph:204-627-8593(Office)
Ph:204-620-1221(Cell)
