If you have text snort logs you can use Apache NiFi or the Kafka producer
script as described in step 4 here [1] to push them to Metron's snort
topic. You may also want to look at this [2].

1: https://kafka.apache.org/quickstart
2: https://stackoverflow.com/questions/38701179/kafka-console-producer-and-bash-script

Jon

On Fri, Oct 27, 2017, 02:15 Syed Hammad Tahir <mscs16...@itu.edu.pk> wrote:

> Hello everyone,
>
> I have run snort independently on vagrant ssh and dumped the logs in
> tcpdump format. Now I want to bring them to Metron to play with them a bit.
> Some of you already replied to me with some solutions but that's lost in the
> inbox somewhere and engulfed by the Elasticsearch issue that I had. Please
> give me an easy-to-understand solution for this problem.
>
> Regards.
>
-- 

Jon
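
The console-producer route from the reply above, written out as a script. This is an added example, not code from the thread or from the Metron project; the producer path and broker address are assumptions to adjust, and only the topic name `snort` comes from the message. Because the console producer sends one message per input line, the script refuses binary pcap/pcapng captures (the "tcpdump format" mentioned in the question) instead of pushing them as garbage.

```shell
#!/bin/sh
# Added example: push a text Snort alert log to Metron's snort Kafka topic.
# KAFKA_PRODUCER and BROKER_LIST defaults are assumptions, not Metron values.
KAFKA_PRODUCER="${KAFKA_PRODUCER:-kafka-console-producer.sh}"  # assumed on PATH
BROKER_LIST="${BROKER_LIST:-localhost:9092}"                   # assumed broker
TOPIC="${TOPIC:-snort}"                                        # topic from the thread

# Print the first four bytes of a file as lowercase hex, no separators.
magic_of() {
    od -An -tx1 -N4 "$1" | tr -d ' \n'
}

# Return 0 if the file starts with a pcap or pcapng magic number.
is_capture_file() {
    case "$(magic_of "$1")" in
        d4c3b2a1|a1b2c3d4|4d3cb2a1|a1b23c4d|0a0d0d0a) return 0 ;;
        *) return 1 ;;
    esac
}

# Send every non-empty line of a text log as one Kafka message.
# Returns 2 if the file is unreadable, 3 if it is a binary capture.
push_snort_log() {
    log="$1"
    [ -r "$log" ] || { echo "cannot read $log" >&2; return 2; }
    if is_capture_file "$log"; then
        echo "$log is a binary capture, not a text alert log" >&2
        return 3
    fi
    # Newer Kafka releases take --bootstrap-server instead of --broker-list.
    grep -v '^[[:space:]]*$' "$log" |
        "$KAFKA_PRODUCER" --broker-list "$BROKER_LIST" --topic "$TOPIC"
}

# Run only when a log file is given on the command line.
if [ $# -gt 0 ]; then
    push_snort_log "$1"
fi
```
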
