[
https://issues.apache.org/jira/browse/METRON-25?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15132974#comment-15132974
]
ASF GitHub Bot commented on METRON-25:
--------------------------------------
Github user nickwallen commented on the pull request:
https://github.com/apache/incubator-metron/pull/17#issuecomment-180037630
The alternative solution to creating this Bro plugin is to use some means
of tailing the log files that are generated by Bro. Each stream in Bro is
logged to a separate file, so you'd have to tail each of these files
independently. Tailing log files like this is problematic.
> Create Bro Plugin to Send Logs Directly to Kafka
> ------------------------------------------------
>
> Key: METRON-25
> URL: https://issues.apache.org/jira/browse/METRON-25
> Project: Metron
> Issue Type: Improvement
> Reporter: Nick Allen
> Priority: Critical
> Original Estimate: 48h
> Remaining Estimate: 48h
>
> Create a Bro plugin that will consume the logs produced by Bro and send them
> directly to a Kafka topic. The types of logs to send should be configurable,
> so that only a subset of them are published to Kafka. For example, I may
> only want DNS::LOG and HTTP::LOG sent to Kafka. This should not interfere
> with the existing file based logging which is useful for diagnostics and
> troubleshooting.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
