cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
marcschm
Level 7

Elasticsearch and grok filter

Hello,

I would like to import our McAfee Web Gateway Proxy Logs into elasticsearch. In order to import the logs I need to use logstash and to separate the different log fields I need to use grok.

Even I am skilled regarding Regex, I have big problems to write the grok command.

Did anyone wrote a filter for the McAfee Proxy Logs before and is willing to provide me with this information ?

BR Marcus

0 Kudos
1 Reply
McAfee Employee

Re: Elasticsearch and grok filter

Hi Marcus,

Would this github repo help (specifically the json file)?

GitHub - Jerrison777/Graylog-MWG-Contentpack: Collecting Syslog Ouput from McAfee Web Gateway 7.5

Best Regards,

Jon

0 Kudos