To clarify: I would like to add a new parser to deployment, such that it will produce yaf, bro, snort, myparser with full support into the system including monit etc when I deploy to vagrant or to my cluster.
Is there a how to, commit, wiki entry for this? On September 26, 2016 at 13:35:11, Otto Fowler ([email protected]) wrote: Are all the steps required to add a parser documented anywhere? The squid document starts the topology, but I don’t think that integrates it in with monit for example. Or does that actually happen?
