Elasticsearch and grok filter


I would like to import our McAfee Web Gateway proxy logs into Elasticsearch. In order to import the logs I need to use Logstash, and to separate the different log fields I need to use grok.

Even though I am skilled with regex, I have big problems writing the grok command.

Has anyone written a filter for the McAfee proxy logs before and is willing to provide me with this information?

BR Marcus

1 Reply
McAfee Employee jscholte

Re: Elasticsearch and grok filter

Hi Marcus,

Would this github repo help (specifically the json file)?

GitHub - Jerrison777/Graylog-MWG-Contentpack: Collecting Syslog Ouput from McAfee Web Gateway 7.5

Best Regards,

