https://github.com/binorassocies/brostash-pipeline

Brostash Logstash pipeline
https://github.com/binorassocies/brostash-pipeline

bro-ids bro-logs brostash brostash-pipeline elasticsearch logstash

Last synced: 5 months ago
JSON representation

Brostash Logstash pipeline

Host: GitHub
URL: https://github.com/binorassocies/brostash-pipeline
Owner: binorassocies
License: gpl-3.0
Created: 2018-11-17T16:55:33.000Z (over 6 years ago)
Default Branch: master
Last Pushed: 2018-11-17T17:23:49.000Z (over 6 years ago)
Last Synced: 2024-01-14T09:02:46.084Z (over 1 year ago)
Topics: bro-ids, bro-logs, brostash, brostash-pipeline, elasticsearch, logstash
Size: 25.4 KB
Stars: 6
Watchers: 2
Forks: 2
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Brostash Logstash pipeline

A collection of script and configurations for an ELK stack setup with Bro IDS logs as an input. The repository have the following structure:

* `./index_template`: Elasticsearch index template mapping for bro logs. To deploy running the following:

```
curl -XPUT -H "Content-Type: application/json" http://localhost:9200/_template/bro -d @bro_template.json
```

* `./conf.d`: Logstash plugins scripts. The sub directory `bro_filters` contains a set of scripts for processing Bro IDS generated Logs. Among others, the `net flow`, `dns` and `http` logs are processed.

* `./pattern`: Grok patterns for the Logstash processing pipeline.

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Awesome

https://github.com/binorassocies/brostash-pipeline

Awesome Lists containing this project

README