Collecting Json/CSV data from a URL as input

HaranKumar · March 26, 2019, 2:49am

Hello Team,

I am collecting list of IOC from various sources using minemeld and it is available in a URL.
https://...My_IP_address.../feeds/Bad_IPv4?tr=1&v=json

How do I collect the list of IPs and send it into elasticsearch ?

basically my requirement is to collect dynamic IOC from Minemeld and use it with my ELK stack.

my approaches

Collect IOC list and store it in a json file and use it with Translate filter in logstash for adding IP reputation check.
or
Collect IOC list and send it to elasticsearch directly and store it in a separate index.

** minemeld has logtsash output which sends TCP data at port 5514. but it doesn't work for me. So i am going for collecting IOC in a file and using it with translate filter in logstash.

if some one has already tried minemeld logstash output - kindly help.

Regards,
Haran

system · April 23, 2019, 2:49am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.