  1. Metron (Retired)
  2. METRON-543 Provide a more comprehensive elasticsearch solution
  3. METRON-508

Expand Elasticsearch templates to support the standard bro logs

Details

    • Sub-task
    • Status: Done
    • Minor
    • Resolution: Done
    • None
    • 0.4.1
    • None

    Description

      The current Elasticsearch templates do not support any logs other than Conn, HTTP, and DNS. We should provide additional templates so that an out-of-the-box Bro install can send all of its logs into Metron and they will get properly indexed in Elasticsearch.

            People

              jonzeolla Jon Zeolla
              Votes: 0
              Watchers: 3

                Time Tracking

                  Estimated: 2h
                  Remaining: 2h
                  Logged: Not Specified