I am receiving WAF (Web Application Firewall) logs and network scan result log files (XML), and I am trying to send these logs to Elasticsearch using Logstash.
I want to parse these logs according to the ECS format, but https://github.com/elastic/ecs just outputs the specification for ECS, and I don't know how to use it.
The WAF log and scan log are custom logs; there is no related module in Filebeat.
I think it will take a long time to build a Filebeat module, so I am trying to use Logstash.
Is there an example related to this?
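
Added example, not part of the original post: a Logstash pipeline that maps one custom WAF log line to ECS field names. The log format, file path, vendor key names and Elasticsearch host are assumptions, since the post does not show the real format; the XML scan results are not covered.

```logstash
# Constructed sample line; the real WAF format is not shown in the post:
# 2024-05-01T12:34:56Z action=blocked src=203.0.113.10 spt=51544 dst=192.0.2.20 dpt=443 method=GET uri="/login?id=1" rule_id=1001 msg="SQL injection"
input {
  file { path => "/var/log/waf/waf.log" }   # assumed path
}
filter {
  # Leading timestamp, then key=value pairs
  grok {
    match => { "message" => "^%{TIMESTAMP_ISO8601:[@metadata][ts]} %{GREEDYDATA:[@metadata][pairs]}$" }
  }
  date { match => ["[@metadata][ts]", "ISO8601"] }   # sets @timestamp
  kv {
    source => "[@metadata][pairs]"
    target => "waf"   # keys that are not mapped below stay under this custom namespace
  }
  # Move vendor keys (assumed names) to the ECS fields that carry the same meaning
  mutate {
    rename => {
      "[waf][src]"     => "[source][ip]"
      "[waf][spt]"     => "[source][port]"
      "[waf][dst]"     => "[destination][ip]"
      "[waf][dpt]"     => "[destination][port]"
      "[waf][method]"  => "[http][request][method]"
      "[waf][uri]"     => "[url][original]"
      "[waf][rule_id]" => "[rule][id]"
      "[waf][msg]"     => "[rule][name]"
      "[waf][action]"  => "[event][action]"
    }
  }
  mutate {
    convert => {
      "[source][port]"      => "integer"
      "[destination][port]" => "integer"
    }
    add_field => {
      "[ecs][version]"    => "8.11.0"   # the ECS release the mapping was written against
      "[event][kind]"     => "alert"    # assumes every line in this log is a rule hit
      "[event][category]" => "intrusion_detection"
      "[observer][type]"  => "waf"
    }
  }
  if [event][action] == "blocked" {
    mutate { add_field => { "[event][type]" => "denied" } }
  }
}
output {
  elasticsearch { hosts => ["http://localhost:9200"] }   # assumed host
}
```

The field reference in the ECS repository is the lookup table for the right-hand side of each `rename`; `bin/logstash -f <file> --config.test_and_exit` checks the syntax before any data is sent.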