AFAIK, ulogd can now output in JSON format, and then logstash or splunk can read them easily:
https://home.regit.org/2014/03/suricata-ulogd-splunk-logstash/

Code is here:
http://git.netfilter.org/ulogd2/tree/output/ulogd_output_JSON.c?id=2b39df550fbad944b4aab77617d4272c5d62ba70

It could be wonderful to add this kind of output format.

Alexandre Derumier
Systems and Network Engineer
Landline: 03 20 68 88 90
Fax: 03 20 68 90 81
45 Bvd du Général Leclerc 59100 Roubaix
12 rue Marivaux 75002 Paris

----- Original Message -----

From: "Dietmar Maurer" <diet...@proxmox.com>
To: "Dietmar Maurer" <diet...@proxmox.com>, "Eric Blevins" <e...@netwalk.com>, pve-devel@pve.proxmox.com
Sent: Thursday, 13 March 2014 17:49:44
Subject: Re: [pve-devel] pve-firewall: using NFLOG

> > logstash can read just about anything, it can also listen on UDP or
> > TCP and accept data in a format you specify.
> >
> > So you think we can use whatever format we like? And use nxlog to feed logstash?

_______________________________________________
pve-devel mailing list
pve-devel@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel