Monitors Bro NSM logs and sends them to Elasticsearch

Brobeat (WIP)

DISCUSSION HERE - https://discuss.elastic.co/t/question-about-creating-brobeat

Welcome to Brobeat.

Start Elastic Stack

$ docker run -d --name elstack -p 80:80 -p 9200:9200 blacktop/elastic-stack
$ git clone https://github.com/blacktop/brobeat.git
$ cd brobeat
$ make
# change `path: ./data` in `brobeat.yml` to where your logs will be written
$ ./brobeat -e -c brobeat.yml

NOTE: 🚧 This is very beta software and it may create duplicate logs in Elasticsearch 🚧
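
One way to make re-shipped Bro log lines idempotent, as an added example that is not brobeat's own code: derive each record's Elasticsearch `_id` from its content, so indexing the same line twice overwrites one document instead of creating a second. `ParseBroLog` and `sampleLog` are hypothetical names, the sample log is constructed, and the example assumes the shipper sends the computed value as the document `_id`.

```go
package main

import (
	"bufio"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"strings"
)

// Constructed sample in Bro's tab-separated layout; the last record repeats.
const sampleLog = "#path\tconn\n#fields\tts\tuid\tid.orig_h\tid.resp_h\n" +
	"1483315200.000000\tCconstructed1\t192.0.2.10\t198.51.100.5\n" +
	"1483315201.500000\tCconstructed2\t192.0.2.11\t198.51.100.5\n" +
	"1483315201.500000\tCconstructed2\t192.0.2.11\t198.51.100.5\n"

// ParseBroLog adds "_id" = SHA-256(#path, raw line): a re-read line gets the same ID.
func ParseBroLog(log string) ([]map[string]string, error) {
	var path string
	var names []string
	var events []map[string]string
	sc := bufio.NewScanner(strings.NewReader(log))
	for sc.Scan() {
		line := sc.Text()
		switch {
		case strings.HasPrefix(line, "#path\t"):
			path = strings.TrimPrefix(line, "#path\t")
		case strings.HasPrefix(line, "#fields\t"):
			names = strings.Split(strings.TrimPrefix(line, "#fields\t"), "\t")
		case line == "" || strings.HasPrefix(line, "#"): // other metadata lines
		default:
			vals := strings.Split(line, "\t")
			if len(vals) != len(names) {
				return nil, fmt.Errorf("field count mismatch in %q", line)
			}
			sum := sha256.Sum256([]byte(path + "\x00" + line))
			ev := map[string]string{"_id": hex.EncodeToString(sum[:])}
			for i, n := range names {
				ev[n] = vals[i]
			}
			events = append(events, ev)
		}
	}
	return events, sc.Err()
}

func main() {
	fmt.Println(ParseBroLog(sampleLog))
}
```

Including the `#path` value in the hash keeps identical lines from different log types (for example `conn` and `dns`) from colliding on one ID.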

TODO

  • Fix logstash pattern file generation
  • Ask logstash people for help on ingest pipelines/grok patterns LINK
  • Pull in filebeat code to watch a folder for *.log files
  • Create some cool dashboards

Issues

Find a bug? Want more features? Find something missing in the documentation? Let me know! Please don't hesitate to file an issue.

CHANGELOG

See CHANGELOG.md

Contributing

Please start by reading our CONTRIBUTING file.

See all contributors on GitHub.

Please update the CHANGELOG.md and submit a Pull Request on GitHub.

License

Apache License (Version 2.0)
Copyright (c) 2016-2017 blacktop