Do you already have bro and/or snort configured and running outside of Metron? For bro have you tried this< https://github.com/bro/bro-plugins/tree/master/kafka>?
If Metron is not up and running then perhaps we should work on that instead. Can you provide details regarding the failures you're seeing? Jon On Tue, Mar 28, 2017, 2:27 AM Farrukh Naveed Anjum <anjum.farr...@gmail.com> wrote: > Hi, > 0.3.1 is having problem getting up started. please guide me on Bro and > Snot logs > > On Tue, Mar 28, 2017 at 6:51 AM, zeo...@gmail.com <zeo...@gmail.com> > wrote: > > Hi Farrukh, > > Sorry I'm just now seeing your message. Were you able to get things > figured out? Off the bat, I would recommend using 0.3.1 instead of > 0.2.0BETA as there are a lot of improvements, but I could definitely help > out regarding ingesting Bro and/or Snort logs into Metron. Let me know - > thanks, > > Jon > > On Thu, Feb 23, 2017 at 6:10 AM Farrukh Naveed Anjum < > anjum.farr...@gmail.com> wrote: > > Hi, > > How can we use Snort and Bro with with Metron ? Reference application only > provides the SQUID Example. > > Any short tutorial will do good. > > > > > -- > With Regards > Farrukh Naveed Anjum > > -- > > Jon > > > > > -- > With Regards > Farrukh Naveed Anjum > -- Jon
