[
https://issues.apache.org/jira/browse/METRON-1244?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16289216#comment-16289216
]
Simon Elliston Ball commented on METRON-1244:
---------------------------------------------
Absolutely agreed. The challenge is getting hold of good quality sample logs
that we can incorporate cleanly into integration tests. If anyone can
contribute logs alone, that would be helpful, and happy to collaborate on
getting the parsers done too.
> Metron should support VPN Log Parsing
> -------------------------------------
>
> Key: METRON-1244
> URL: https://issues.apache.org/jira/browse/METRON-1244
> Project: Metron
> Issue Type: New Feature
> Reporter: Otto Fowler
>
> VPN Log parsing is very valuable. Metron should support parsing VPN logs
> from multiple vendors, and currently supported devices such as ASA if not
> already.
> Juniper (Pulse Secure)
> openVPN
> fortigate
> F5
> Sonicwall
> others
> This support may be by grok rules or by custom parser.
> We may want to expand this to custom dashboards for VPN specific fields,
> extensions to metron fields for vpn class logs etc.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
