[pve-devel] pve-firewall: using NFLOG

Alexandre DERUMIER aderumier at odiso.com
Fri Mar 14 03:18:21 CET 2014


AFAIK, ulogd 
https://home.regit.org/2014/03/suricata-ulogd-splunk-logstash/ 


can now output in json format, and then logstash or splunk can read them easily. 


code is here : 
http://git.netfilter.org/ulogd2/tree/output/ulogd_output_JSON.c?id=2b39df550fbad944b4aab77617d4272c5d62ba70 


It could be wonderfull to add this kind of output format 



	
Alexandre D e rumier 
Ingénieur Systèmes et Réseaux 

Fixe : 03 20 68 88 90 

Fax : 03 20 68 90 81 

45 Bvd du Général Leclerc 59100 Roubaix 
12 rue Marivaux 75002 Paris 

----- Mail original -----

De: "Dietmar Maurer" <dietmar at proxmox.com> 
À: "Dietmar Maurer" <dietmar at proxmox.com>, "Eric Blevins" <eric at netwalk.com>, pve-devel at pve.proxmox.com 
Envoyé: Jeudi 13 Mars 2014 17:49:44 
Objet: Re: [pve-devel] pve-firewall: using NFLOG 

> > logstash can read just about anything, it can also listen on UDP or 
> > TCP and accept data in a format you specify. 
> > 
> 
> So you think we can use whatever format we like? 

And use nxlog to feed logstash? 

_______________________________________________ 
pve-devel mailing list 
pve-devel at pve.proxmox.com 
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.proxmox.com/pipermail/pve-devel/attachments/20140314/f5ee99f6/attachment.htm>


More information about the pve-devel mailing list