1 Reply Latest reply on Nov 8, 2017 9:31 AM by Jon Scholten

    Elasticsearch and grok filter




      I would like to import our McAfee Web Gateway Proxy Logs into elasticsearch. In order to import the logs I need to use logstash and to separate the different log fields I need to use grok.

      Even I am skilled regarding Regex, I have big problems to write the grok command.


      Did anyone wrote a filter for the McAfee Proxy Logs before and is willing to provide me with this information ?


      BR Marcus