Barracuda WAF log input format

Continuing the discussion from Barracuda WAF Log Parsing:

We are seeking guidance on how to configure the Barracuda WAF logs to output to Filebeat in a format that is accepted by the provided following scripts in the module:

    - ${path.home}/module/barracuda/waf/config/liblogparser.js
    - ${path.home}/module/barracuda/waf/config/pipeline.js

We have attempted the default and the RSA enVision formats, but neither worked. Basically, what output format is required to make the Barracuda filebeat module function properly?

This is the module that we are attempting to use:

@PhilA - Were you ever able to get this working?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.