Droping events based on ip adr from sysmon - Beats - [mail # user]
...hi thanks this means i have to make a line for each ip adr i want to drop then? its not possible to list the DestinatioIP that i want to drop like... - or: ...
   Author: ssi , 2018-11-08, 16:32
Winlogbeat sending sysmon data to kibana - Beats - [mail # user]
...hey i don't think sysmon can provide "latency" in relation to process creation etc. here i would go for another sysinternals tool called procmon if you google procmon latency you get some good ...
   Author: ssi , 2018-11-08, 12:06
Hypen "-" in grok fields - Logstash - [mail # user]
...thanks magnus, my mistake I fixed it, but it still seems as if the grok filter simply is not activated, at least that's what i thought. Then i noticed the empty first space on the fields below...
   Author: ssi , 2018-09-27, 08:05
Translate within mutate section - Logstash - [mail # user]
...But still with the same filter statement right ? So i just move it outside the mutate section - right Thanks for the Quick reply you rock---...
   Author: ssi , 2018-06-27, 15:39
Adding field after mutate rename statement - Logstash - [mail # user]
...super it works! this is the working config  if [process_parent_name] =~ /(?i)(OUTLOOK.EXE)/ and [process_name] =~ /(?i)(iexplore.exe|chrome.exe|firefox.exe|edge.exe)/ {    mutat...
   Author: ssi , 2018-05-30, 13:13
Filter not "fireing" being bypassed - Logstash - [mail # user]
...windows environment beats input from windows event forwarder server. data is coming in no problem but the filter seems to be circumvented. the config was written for linux ubuntu, input {...
   Author: ssi , 2018-03-20, 14:07
Groking of cisco switch logs (non asa) - Logstash - [mail # user]
...Hi just wanted to give something back to the community here is the grok and pattern file that i got things working with. if there is a shorter/better way to do this please feel free to amen...
   Author: ssi , 2018-02-12, 14:54
Logstash filter based on beat.name - not type possible? - Logstash - [mail # user]
...Ok and i Can use grok instead of mutate right ? And Then parse the rest of the filter Thanks!!---...
   Author: ssi , 2018-02-07, 19:50
Logstash filter based on beat.name - not type possible - Logstash - [mail # user]
...Hi I'm trying to get a logstash filter to fire based on one of the fields or tag instead of type. the reason being that i have multiple types of beats coming in (winlogbeat and filebeat) i t...
   Author: ssi , 2018-02-07, 16:28
Windows event forward collector server -> ELK - Logstash - [mail # user]
...Hi i hope this is the correct place to post this. we have a Windows Event forward infrastructure in place (WEF) sending the logs to a central server. does anyone have a config for this, my plan...
   Author: ssi , 2017-12-05, 09:03