OTRF / detection-hackathon-apt29

Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets
GNU General Public License v3.0

Logstash doesn't filter kafkacat input #53

Closed ghost closed 4 years ago

ghost commented 4 years ago

I've been attempting to process Kafkacat v1.5 (`kafkacat -b 172.16.x.x:9092 -P -t winlogbeat -l <file1>`) fed logs into both HELK and rocknsm (after moving over the logstash pipelines). I identified that logstash isn't processing the data and is only adding the tag "fingerprint-0099-004". I was wondering if you've got a known good deployment of HELK that will properly ingest the data.

ghost commented 4 years ago

I ended up using the utility https://github.com/hunters-forge/mordor/blob/master/scripts/es-import.py, modified to just read the untarred JSON files.
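The workaround in the closing comment (load the untarred JSON-lines files straight into Elasticsearch, skipping the kafkacat/Logstash path) as an added example. This is not the project's `es-import.py` and not code from the thread: the file layout (newline-delimited JSON, either as loose `.json` files or inside a `.tar.gz`), the index name `winlogbeat`, and an unauthenticated Elasticsearch endpoint at `http://localhost:9200` are assumptions. It keeps counts of lines that fail to parse and of documents the `_bulk` API rejects, so an ingestion gap shows up as numbers rather than as silently missing events.

```python
"""Bulk-load Mordor-style JSON-lines event files into Elasticsearch.

Added example; not the project's es-import.py. Assumptions: events are one
JSON object per line, files end in .json/.jsonl (optionally inside a
.tar.gz), and Elasticsearch listens on http://localhost:9200 without auth.
"""
import json
import os
import tarfile
import urllib.request
from typing import Iterable, Iterator, List, Optional


def _parse_lines(lines: Iterable[bytes], stats: dict) -> Iterator[dict]:
    """Parse newline-delimited JSON; malformed lines are counted and skipped."""
    for raw in lines:
        line = raw.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            stats["skipped"] = stats.get("skipped", 0) + 1
            continue
        stats["parsed"] = stats.get("parsed", 0) + 1
        yield event


def iter_events(path: str, stats: Optional[dict] = None) -> Iterator[dict]:
    """Yield events from a .json/.jsonl file, from every .json member of a
    .tar.gz, or from every such file below a directory (the untarred layout)."""
    stats = stats if stats is not None else {}
    if os.path.isdir(path):
        for root, _, files in os.walk(path):
            for name in sorted(files):
                yield from iter_events(os.path.join(root, name), stats)
    elif path.endswith((".tar.gz", ".tgz")):
        with tarfile.open(path, "r:gz") as tar:
            for member in tar.getmembers():
                if member.isfile() and member.name.endswith((".json", ".jsonl")):
                    fh = tar.extractfile(member)
                    if fh is not None:
                        yield from _parse_lines(fh, stats)
    elif path.endswith((".json", ".jsonl")):
        with open(path, "rb") as fh:
            yield from _parse_lines(fh, stats)


def build_bulk_chunks(events: Iterable[dict], index: str, chunk_size: int = 500) -> Iterator[str]:
    """Group events into _bulk request bodies: an action line followed by the
    document line for each event, newline-terminated (the API requires the
    trailing newline)."""
    buf: List[str] = []
    for event in events:
        buf.append(json.dumps({"index": {"_index": index}}))
        buf.append(json.dumps(event, separators=(",", ":")))
        if len(buf) >= 2 * chunk_size:
            yield "\n".join(buf) + "\n"
            buf = []
    if buf:
        yield "\n".join(buf) + "\n"


def post_bulk(body: str, es_url: str = "http://localhost:9200") -> dict:
    """POST one chunk to /_bulk and return the parsed response (assumed endpoint)."""
    req = urllib.request.Request(
        es_url.rstrip("/") + "/_bulk",
        data=body.encode("utf-8"),
        headers={"Content-Type": "application/x-ndjson"},
        method="POST",
    )
    with urllib.request.urlopen(req) as resp:
        return json.load(resp)


def import_dataset(path: str, index: str = "winlogbeat",
                   es_url: str = "http://localhost:9200") -> dict:
    """Load every event under `path` into `index`; return parse and index counts.
    Per-document rejections (errors=true in the bulk response) are counted
    rather than ignored, so a partial load is visible."""
    stats: dict = {}
    for chunk in build_bulk_chunks(iter_events(path, stats), index):
        resp = post_bulk(chunk, es_url)
        items = resp.get("items", [])
        stats["indexed"] = stats.get("indexed", 0) + len(items)
        if resp.get("errors"):
            stats["bulk_errors"] = stats.get("bulk_errors", 0) + sum(
                1 for item in items if "error" in item.get("index", {}))
    return stats


if __name__ == "__main__":
    import sys
    # usage: python bulk_import.py <file-or-dir-or-tar.gz> [index]
    print(import_dataset(sys.argv[1], sys.argv[2] if len(sys.argv) > 2 else "winlogbeat"))
```

After a run, compare `parsed` against `indexed`: if they differ, or `skipped`/`bulk_errors` is non-zero, the dataset did not land whole, which is the same check that would have exposed the Logstash path only tagging events instead of parsing them.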