argus client json format

CS Lee geek00l at gmail.com
Sun May 4 05:10:20 EDT 2014


Hi Carter,

Currently I'm tweaking argus to work with logstash+elasticsearch+kibana,
and I have them working; the way I do it is:

argus -> ra -c,(CSV) -> logstash -> elasticsearch -> kibana

Right now I have it working properly and argus data is indexed in
elasticsearch. I would like to ask: since the argus client supports -M xml, can
you add support for the json format as well, to do -M json? Right now I'm
using logstash filter configuration to handle the data field to be
interpreted correctly in elasticsearch; however, the main problem of using
the comma-separated format is the user data (if the user data contains a comma, it
breaks). I would like to put suser,duser data into elasticsearch so all of
them become searchable.

I will put up the documentation of how I get everything to work later if
anyone is interested.

Cheers!

-- 
Best Regards,

CS Lee<geek00L[at]gmail.com>

http://geek00l.blogspot.com
http://defcraft.net
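
Added example, not part of the original message and not argus or logstash code: it shows why a comma inside suser/duser cannot be repaired by a downstream filter, while one JSON object per record round-trips cleanly. The column order, the absence of quoting on the comma-separated path, and both sample records are assumptions constructed for the illustration.

```python
import json

# Column order is an assumption; suser/duser are the user-data fields
# named in the message.
FIELDS = ["saddr", "daddr", "suser", "duser"]

def to_delimited(rec, sep=","):
    """Join fields with a bare separator and no quoting (assumed CSV path)."""
    return sep.join(rec[f] for f in FIELDS)

def parse_delimited(line, sep=","):
    """What a split-on-comma filter does; surplus columns are silently dropped."""
    return dict(zip(FIELDS, line.split(sep)))

def to_json_line(rec):
    """One JSON object per record; commas in values need no special handling."""
    return json.dumps({f: rec[f] for f in FIELDS})

def parse_json_line(line):
    return json.loads(line)

# Constructed records: same addresses, different user data.
REC_A = {"saddr": "10.0.0.5", "daddr": "192.0.2.10",
         "suser": "GET /a,b", "duser": "ok"}
REC_B = {"saddr": "10.0.0.5", "daddr": "192.0.2.10",
         "suser": "GET /a", "duser": "b,ok"}

def demo():
    line_a, line_b = to_delimited(REC_A), to_delimited(REC_B)
    parsed = parse_delimited(line_a)
    return {
        # Two different records produce the identical line, so no filter
        # can tell which one was meant.
        "csv_collision": line_a == line_b,
        # The parsed result matches neither original record.
        "csv_matches_a": parsed == REC_A,
        "csv_matches_b": parsed == REC_B,
        "csv_duser": parsed["duser"],
        # JSON keeps the field boundaries, so both records survive intact.
        "json_roundtrip_a": parse_json_line(to_json_line(REC_A)) == REC_A,
        "json_roundtrip_b": parse_json_line(to_json_line(REC_B)) == REC_B,
        "json_distinct": to_json_line(REC_A) != to_json_line(REC_B),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```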