Logstash configuration and templates to parse Sophos UTM logs

topmedia/logstash-utm

logstash-utm

Logstash configuration and templates to parse Sophos UTM logs.

Supported log types

At this point only the packet filter and web filter (http*.log) file types are supported.

Usage

  • Install Logstash
  • Install Elasticsearch
  • Unpack your UTM logs into the input/ sub-directory.
  • Run make. Logstash will start up, work through all files that are already present and then wait for more.

Syslog Pipe

The syslog pipe can easily be implemented by using the syslog input plugin instead of the current configuration's file input. You can then configure your UTM to push its logs directly into Logstash, which allows for real-time analytics.
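
A sketch of the input swap described above, as an added example that is not the repository's own configuration. The listener address 192.0.2.10, port 5514, the type value "utm", the file path and the "utm_syslog_unparsed" tag are placeholders assumed for illustration.

```logstash
# Added example, not the repository's configuration.
# Assumed placeholders: address 192.0.2.10, port 5514, type "utm",
# the file path, and the tag name "utm_syslog_unparsed".

input {
  # File-based approach from the Usage section, shown for comparison.
  # file {
  #   path => "/path/to/logstash-utm/input/*.log"   # placeholder path
  #   start_position => "beginning"
  # }

  # Syslog pipe: point the UTM's remote syslog target at this listener.
  # The syslog input listens on TCP and UDP and accepts unauthenticated,
  # unencrypted messages, so bind it to one internal address instead of
  # all interfaces and limit the port to the UTM's source address at the
  # host firewall.
  syslog {
    host => "192.0.2.10"   # internal interface only
    port => 5514           # unprivileged port, so Logstash need not run as root
    type => "utm"
  }
}

filter {
  # The syslog input tags events whose header it could not parse.
  # Mark them so they can be reviewed separately instead of being
  # silently mixed in with parsed packet filter and web filter events.
  if "_grokparsefailure_sysloginput" in [tags] {
    mutate { add_tag => ["utm_syslog_unparsed"] }
  }
}

# The existing filter rules and the output section stay as they are.
```

The syslog input parses the syslog header itself, so check that the message field reaching the existing filters still has the shape they expect from file-based lines.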
