Logstash to LogRhythm SIEM

valbizures · July 25, 2018, 9:50pm

Has anyone had any success setting up Logstash to output directly to a LogRhythm SIEM?

If so can you provide some information as to the types of outputs you used for:

HTTP(S) - I'm currently using packetbeat
DNS - I'm currently using packetbeat
Windows Events - I'm currently using winbeat

My output today is currently syslog, but when I look at the logs on the SIEM they're not complete.

On another note does anyone know of any consulting companies out there that do this type of custom work? SIEM architecture/deployments involving Logstash and a commercial SIEM?

Thanks in advance .

system · August 22, 2018, 9:50pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Configuring Beats to send logs to a SIEM and Logstash in parallel Beats	2	907	October 27, 2017
Logstash Output Dashboards SIEM	1	375	April 17, 2020
Sending logs to external SIEM via syslog using filebeat Beats filebeat	3	5177	August 10, 2020
Windows Event Log to Syslog server Beats winlogbeat	5	1803	April 23, 2018
Looking for best practice recommendations for SysLog data retrieval? Logstash	1	317	February 4, 2020

Logstash to LogRhythm SIEM

Related topics