Collecting Json/CSV data from a URL as input

HaranKumar · March 26, 2019, 2:49am

Hello Team,

I am collecting list of IOC from various sources using minemeld and it is available in a URL.
https://...My_IP_address.../feeds/Bad_IPv4?tr=1&v=json

How do I collect the list of IPs and send it into elasticsearch ?

basically my requirement is to collect dynamic IOC from Minemeld and use it with my ELK stack.

my approaches

Collect IOC list and store it in a json file and use it with Translate filter in logstash for adding IP reputation check.
or
Collect IOC list and send it to elasticsearch directly and store it in a separate index.

** minemeld has logtsash output which sends TCP data at port 5514. but it doesn't work for me. So i am going for collecting IOC in a file and using it with translate filter in logstash.

if some one has already tried minemeld logstash output - kindly help.

Regards,
Haran

system · April 23, 2019, 2:49am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash query for IPs and GeoData Logstash	2	352	November 7, 2018
Logstash TCP Client configuration Logstash	3	1591	July 6, 2017
Logstash/Elasticsearch - tempate for array of ips from web log? Elasticsearch	2	1600	July 5, 2017
Logstash ElasticSearch Filter doesn't work with dissect fields or IP ranges Logstash	0	93	June 26, 2024
Sending data to cloud Logstash pipeline Logstash	3	381	May 18, 2019

Collecting Json/CSV data from a URL as input

Related topics