Continuing the discussion from Barracuda WAF Log Parsing:
We are seeking guidance on how to configure the Barracuda WAF logs to output to Filebeat in a format that is accepted by the provided following scripts in the module:
- ${path.home}/module/barracuda/waf/config/liblogparser.js
- ${path.home}/module/barracuda/waf/config/pipeline.js
We have attempted the default and the RSA enVision formats, but neither worked. Basically, what output format is required to make the Barracuda filebeat module function properly?
This is the module that we are attempting to use:
@PhilA - Were you ever able to get this working?