/elk-test

Contains files for testing ELK on Security Onion.

Primary Language: PHP

Logstash-Configs

Contains Logstash log parsers for many systems and applications, along with many methods of augmenting logs.

This repo contains a script which will convert a Security Onion system running in Evaluation Mode from ELSA to ELK.

Please note the following!

WARNINGS AND DISCLAIMERS

  • This technology PREVIEW is PRE-ALPHA, BLEEDING EDGE, and TOTALLY UNSUPPORTED!
  • If this breaks your system, you get to keep both pieces!
  • This script is a work in progress and is in constant flux.
  • This script is intended to build a quick prototype proof of concept so you can see what our ultimate ELK configuration might look like. This configuration will change drastically over time leading up to the final release.
  • Do NOT run this on a system that you care about!
  • Do NOT run this on a system that has data that you care about!
  • This script should only be run on a TEST box with TEST data!
  • This script is only designed for standalone boxes and does NOT support distributed deployments.
  • Use of this script may result in nausea, vomiting, or a burning sensation.