You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello,
I am trying to implement Zeek with GoAccess, but i keep getting errors etc..
I tried everything in the forums but nothing worked, used ChatGPT to guide me but it also didn't work, tried my own formats but didn't work.
This is a snippet from my conn.log file of Zeek:
{"ts":1714979075.309996,"uid":"CQsBiPMxhajvmztpi","id.orig_h":"an ip address","id.orig_p":60265,"id.resp_h":"an ip address","id.resp_p":5353,"proto":"udp","service":"dns","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":74,"resp_pkts":0,"resp_ip_bytes":0}
{"ts":1714979075.36216,"uid":"C0yYsy1js3el07M1H9","id.orig_h":"an ip address","id.orig_p":137,"id.resp_h":"an ip address","id.resp_p":137,"proto":"udp","service":"dns","conn_state":"S0","local_orig":true,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":78,"resp_pkts":0,"resp_ip_bytes":0}
i have replaced the IPV4/6 ips with "an ip address".
Any help will be good.
Thank you in advance!
The text was updated successfully, but these errors were encountered:
HAIntelligence
changed the title
Can't implement GOAccess with Zeek. Wrong format.
Can't implement GoAccess with Zeek. Wrong format.
May 6, 2024
Sorry about the delay. I stumbled upon a bug in the JSON parser — it didn't handle keys with dots properly. To fix this, you'll need to build from development.
The following should do the job, however, since it's not an access log, there might not be much data to extract.
Hello,
I am trying to implement Zeek with GoAccess, but i keep getting errors etc..
I tried everything in the forums but nothing worked, used ChatGPT to guide me but it also didn't work, tried my own formats but didn't work.
This is a snippet from my conn.log file of Zeek:
i have replaced the
IPV4/6
ips with "an ip address".Any help will be good.
Thank you in advance!
The text was updated successfully, but these errors were encountered: