Skip to content

binorassocies/brostash-pipeline

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
conf.d/bro_filters
conf.d/bro_filters
 
 
index_template
index_template
 
 
pattern
pattern
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Brostash Logstash pipeline

A collection of script and configurations for an ELK stack setup with Bro IDS logs as an input. The repository have the following structure:

  • ./index_template: Elasticsearch index template mapping for bro logs. To deploy running the following:
curl -XPUT -H "Content-Type: application/json" http://localhost:9200/_template/bro -d @bro_template.json

  • ./conf.d: Logstash plugins scripts. The sub directory bro_filters contains a set of scripts for processing Bro IDS generated Logs. Among others, the net flow, dns and http logs are processed.

  • ./pattern: Grok patterns for the Logstash processing pipeline.

About

Brostash Logstash pipeline

Topics

elasticsearch logstash bro-ids bro-logs brostash brostash-pipeline

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

6 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published