[
https://issues.apache.org/jira/browse/METRON-508?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15992876#comment-15992876
]
Jon Zeolla commented on METRON-508:
-----------------------------------
I'm in the process of writing all of that up and testing my changes. I don't
expect to update, for instance, the sensor-stubs to push new data in, but I
will take a look at testing the different logs against the parser. Hopefully I
will get this out today.
> Expand Elasticsearch templates to support the standard bro logs
> ---------------------------------------------------------------
>
> Key: METRON-508
> URL: https://issues.apache.org/jira/browse/METRON-508
> Project: Metron
> Issue Type: Sub-task
> Reporter: Jon Zeolla
> Assignee: Jon Zeolla
> Priority: Minor
> Original Estimate: 2h
> Remaining Estimate: 2h
>
> The current elasticsearch templates do not support any logs other than Conn,
> HTTP, and DNS. We should provide additional templates so that an
> out-of-the-box bro install can send all of its logs into Metron and they will
> get probably indexed in elasticsearch.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
