Hi all, I pushed data to Elasticsearch indices from CSV. Log data has been parsed to CSV using a customized parser, and I am trying to view it in the Metron Alerts UI and apply machine learning on top of that log data (MaaS). I pushed bro, snort and yaf logs to Metron. When I tried to push syslog in the syslog 5424 format, I was able to see those logs getting indexed in Elasticsearch, and they are also present in HDFS. But I couldn't view those system logs in the Metron Alerts UI, and in Kibana I am also not able to get indexes like *syslog5424, though the index has been created. So I created an index pattern with *.

How can I view syslog and custom-parsed CSV logs in Metron Alerts? What should be configured for data in Elasticsearch to be sent to the Metron Alerts UI, and for MaaS as well? Can someone please help? Thanks and Regards, Hema
