danielguerra69 / bro-debian-elasticsearch

bro on debian with elasticsearch support
24 stars 16 forks source link

Bro 2.5 & E-K 5.1.1 #10

Closed garanews closed 7 years ago

garanews commented 7 years ago

Hello, did you test with the latest version of E-K?

danielguerra69 commented 7 years ago

Hi,

Tested: I have tested danielguerra/bro-alpine-elasticsearch:x-pack with es 5 with xpack installed. Check https://github.com/danielguerra69/bro-alpine-elasticsearch/blob/master/docker-compose.yml

The alpine version has no file extraction or pcap integration yet. It has tcprs running. I tested it with danielguerra/elasticsearch-x-pack & danielguerra/kibana-x-pack

Not tested. You could try to run danielguerra/bro-debian-elasticsearch with es5+. Only the kibana config from the docker-compose file won’t work. es5+ uses more memory and is hard to run in my test environment. I have tested it with es 2.4. Besides the config for kibana, nothing has changed in es5+, so everything should work.

On 13 Jan 2017, at 15:30, garanews notifications@github.com wrote:

Hello, did you test with the latest version of E-K?

danielguerra69 commented 7 years ago

no problem