Hi Jaime,

Good idea!

How do you transform all data of ntopng into Kafka? By a modified nprobe?

Thanks

Best regards
John

On Tuesday, December 31, 2013, Jaime Nebrera <[email protected]> wrote:
> Hi John,
>
> We are working more or less along those lines, but from a different origin
>
> What we do is transform all data into Apache Kafka messages and then work from there
>
> In particular we have modified nprobe to export such data (bad hack, just a fast solution while we get into something better done) as well as Snort (through Barnyard2)
>
> Our next step will be to do the same with syslog messages, and use elasticsearch too.
>
> What do you think?
>
> On 31/12/13 10:40, Luca Deri wrote:
>
> John,
> let me ask another question instead. What format do you need in your SIEM? Please make an example
> Regards Luca
> On 31 Dec 2013, at 07:55, John Zhang <[email protected]> wrote:
>
> Hi everyone,
>
> My SIEM is Logstash + elasticsearch, and I want to add the data of ntopng to my SIEM. So my big problem is: How do I export data of ntopng into Logstash?
>
> Any suggestion, comment, or reference will be highly appreciated!
>
> Thanks!
>
> Best regards,
>
> John
> _______________________________________________
> Ntop-misc mailing list
> [email protected]
> http://listgateway.unipi.it/mailman/listinfo/ntop-misc
>
> --
> Jaime Nebrera - [email protected]
> Consultor TI - ENEO Tecnologia SL
> C/ Manufactura 2, Edificio Euro, Oficina 3N
> Mairena del Aljarafe - 41927 - Sevilla
> Telf.- 955 60 11 60 / 619 04 55 18
