[Zeek] Zeek with ELK

sec-x sec-x center.mnt at gmail.com
Sun Jan 5 07:32:48 PST 2020


Hi,

I recently used Zeek IDS on FreeBSD 12.1 - Default Policy (GetTraffic
from TAP on the network) and I want to send all the logs to ELK in
real time.

I saw the Filebeat ports on BSD are old and have problems.

How can I send the logs from BSD to Elastic (what is the
correct/best way)?


Thanks,

CM.

