pwnlandia / mhn

Modern Honey Network
GNU Lesser General Public License v2.1

suricata events not showing up in mhn-json.log #377

Open ichintu opened 7 years ago

ichintu commented 7 years ago

Hi,

I am having the exact same error as this: https://groups.google.com/forum/#!msg/modern-honey-network/HuP6gj7LPZ0/fZg6oDl0AQAJ

Any help would be much appreciated. Thanks.

Philelis commented 7 years ago

Hey, I have the same error, do you have any result?

ichintu commented 7 years ago

No. I also realized that Glastopf URLs do not go into Elasticsearch. This project looks dead. I have been a huge fan of ThreatStream but am very disappointed. They don't even respond to the open data feed email anymore. I run 24 honeypots and am considering moving to Cymmetria.

Philelis commented 7 years ago

I use SNARE with TANNER (it's new and they are friendly) instead of Glastopf. It isn't in this project, but it has a good JSON log for Elastic =) and I updated Suricata to the version of yesterday (it can be found in my GitHub repos, or hopefully they merge it).

b1ackzero commented 6 years ago

1) Stop the logger (supervisorctl stop hpfeeds-logger-splunk or supervisorctl stop hpfeeds-logger-json)
2) In file /opt/hpfeeds-logger/lib/python2.7/site-packages/hpfeedslogger/processors.py, function suricata_events, change
   kwargs['suricata_{}'.format(field)] = dec.get(field)
   to
   kwargs['suricata_{}'.format(field)] = dec[field]
3) Start the logger
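
The behavioural difference behind the one-line change above, as an added example that is not part of this thread or of the hpfeeds-logger code base: a lenient processor built on dict.get() writes None into every suricata_* column when a field is absent from the event, while the indexing form raises KeyError and makes the malformed event visible. The field list, the event payloads and the wrapper that decides whether an event is emitted or dropped are constructed for this illustration and are assumptions, not copies of the project's processors.py.

```python
import json
import logging

logging.basicConfig(level=logging.INFO, format="%(levelname)s %(message)s")
log = logging.getLogger("hpfeeds-logger-example")

# Assumed field list for this illustration; the project's own function may
# flatten a different set of keys.
SURICATA_FIELDS = (
    "signature", "signature_id", "category", "proto",
    "source_ip", "source_port", "destination_ip", "destination_port",
)


def _decode(payload):
    """Accept either a raw JSON string/bytes (as received on the feed) or an already-decoded dict."""
    if isinstance(payload, (str, bytes)):
        return json.loads(payload)
    return payload


def suricata_events_lenient(identifier, payload):
    """The dec.get(field) form: a missing field silently becomes None in the record."""
    dec = _decode(payload)
    kwargs = {"app": "suricata", "identifier": identifier, "type": "suricata.events"}
    for field in SURICATA_FIELDS:
        kwargs["suricata_{}".format(field)] = dec.get(field)
    return kwargs


def suricata_events_strict(identifier, payload):
    """The dec[field] form: a missing field raises KeyError instead of producing a half-empty record."""
    dec = _decode(payload)
    kwargs = {"app": "suricata", "identifier": identifier, "type": "suricata.events"}
    for field in SURICATA_FIELDS:
        kwargs["suricata_{}".format(field)] = dec[field]
    return kwargs


def process_event(identifier, payload, strict=True):
    """Run one event through the chosen processor.

    Returns the flattened record, or None when the event is dropped. In strict
    mode a missing field is logged with its name so the operator can see why
    an event never reached mhn-json.log, rather than finding null columns later.
    """
    processor = suricata_events_strict if strict else suricata_events_lenient
    try:
        return processor(identifier, payload)
    except KeyError as exc:
        log.warning("dropping suricata event from %s: missing field %s", identifier, exc)
        return None


def missing_fields(record):
    """Return the suricata_* columns of a lenient record that came out as None."""
    return sorted(k for k, v in record.items() if k.startswith("suricata_") and v is None)


# Constructed sample events (not real honeypot traffic): one complete, one
# missing signature_id and category.
COMPLETE_EVENT = json.dumps({
    "signature": "EXAMPLE ALERT constructed for illustration",
    "signature_id": 1000001,
    "category": "Example Category",
    "proto": "TCP",
    "source_ip": "192.0.2.10", "source_port": 40000,
    "destination_ip": "198.51.100.5", "destination_port": 22,
})

PARTIAL_EVENT = json.dumps({
    "signature": "EXAMPLE ALERT constructed for illustration",
    "proto": "TCP",
    "source_ip": "192.0.2.10", "source_port": 40000,
    "destination_ip": "198.51.100.5", "destination_port": 22,
})


if __name__ == "__main__":
    print(process_event("sensor-example", COMPLETE_EVENT))
    # Lenient: record is emitted with null columns the downstream index will happily store.
    print(missing_fields(process_event("sensor-example", PARTIAL_EVENT, strict=False)))
    # Strict: the event is dropped and the warning names the absent field.
    print(process_event("sensor-example", PARTIAL_EVENT))
```

When checking a pipeline that ends in Splunk or Elasticsearch, the lenient output is the one to watch for: a record with every suricata_* column set to null passes through the logger without any error, so the absence of data only shows up at query time.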

jjjan commented 6 years ago

Is there any way to show the CVE of a signature in the Splunk log?