История

Brandon Myers 1e796eda16 Remove contributors from lua files		2018-01-04 16:51:14 -06:00
..
README.md	averez-doc: adding heka-lua-bro-notice and heka-lua-bro-intel configuration snippets	2014-04-08 21:22:41 -07:00
bronotice.lua	Remove contributors from lua files	2018-01-04 16:51:14 -06:00
heka.toml	update example heka toml and lua, closes #199	2014-11-10 16:43:15 -08:00

heka-lua-bro-notice

This configuration for heka ships notice logs for Bro stored in /nsm/bro/spool/manager/notice.log to mozdef.

We use here the Lua Sandbox for heka to parse our logs.

These log files have comments starting by # and have tab-delimited fields.

To run it:

rm -rf /var/cache/hekad/*
cp -rf bronotice.lua /usr/share/hekad
hekad -config=heka.toml