beave / meer

Meer (GPLv2) is a dedicated "spooler" for the Suricata & Sagan EVE output formats.
Suricata and Sagan "stats" support. #6

Open beave opened 5 years ago

beave commented 5 years ago

Come up with a schema to support Suricata and Sagan "stats". This way, from a UI, you could query the health of the sensor. Trigger on the event_type of "stats".