hi
We got data coming via syslog-> logstash from certain Linux devices and don't have auditbeats.
Is there a logstash pattern, where I can map the auditd fields to ECS (common schema) format?
hi
We got data coming via syslog-> logstash from certain Linux devices and don't have auditbeats.
Is there a logstash pattern, where I can map the auditd fields to ECS (common schema) format?
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.