[netsa-tools-discuss] super_mediator log output

Chris Inacio inacio at cert.org
Thu Mar 5 08:58:38 EST 2015


Mr. Margis,

Can you also let us know which SIEM you are trying to use?  We are considering supporting more output formats, but would like formats that cover the largest number of solutions.


--
Chris Inacio
inacio at cert.org



> On Mar 5, 2015, at 7:42 AM, Gediminas Margis <gediminas.margis at gmail.com> wrote:
> 
> Hello,
> 
> I went through the documentation of super_mediator, but I could not find if it is possible to get a single-line log per "event".
> 
> At the moment everything goes to a separate line. Is it possible to get a single line for a full log per "http" request, including DPI information?
> 
> The goal is to read these logs with a SIEM solution. Now separate requests that happen at the same time cannot be extracted with multi-line parsing.
> 
> -- 
> Best Regards,
> 
> Gediminas Margis,
> +37068600659
> 
> PGP Key-ID: 0xE6D92FE2FA3AD133
> 77BD 9F67 F1CF 72B0 7273 E086 E6D9 2FE2 FA3A D133



