Filebeat Log Processing - Filestream #9896
Replies: 1 comment
-
|
Could you share some more details? What kind of logs are you sending to Security Onion to be parsed? How are you transporting them? |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
I have an issue with the new "filestream" input. After switching from the deprecated "log" input to "filestream" the logs stopped being processed - SO receives the logs but the field values are not extracted. I can see the entire log in the "message" field but since no values are extracted it's hard to set up any plays or do anything with it. I'm sure I'm missing something but not sure what. Please advise.
Thank you
Beta Was this translation helpful? Give feedback.
All reactions