[Zeek] Zeek with ELK
Patrick Kelley
patrick.kelley at criticalpathsecurity.com
Sun Jan 5 08:00:16 PST 2020
Logstash is the best option.
http://thegreyblog.blogspot.com/2014/01/installing-logstash-on-freebsd.html?m=1
Patrick Kelley, CISSP, C|EH, ITIL
CTO
patrick.kelley at criticalpathsecurity.com
> On Jan 5, 2020, at 10:35 AM, sec-x sec-x <center.mnt at gmail.com> wrote:
>
> Hi,
>
> I recently used Zeek IDS on FreeBSD 12.1 - Default Policy (GetTraffic
> from TAP on the network) and I want to send all the logs to ELK in
> real time.
>
> I saw the Filebeat port on BSD is old and has problems.
>
> How can I send the logs from the BSD to the Elastic (what is the
> correct/best way)?
>
>
> Thanks,
>
> CM.