1 Reply Latest reply on Nov 8, 2017 9:31 AM by Jon Scholten

    Elasticsearch and grok filter

    marcschm

      Hello,

       

      I would like to import our McAfee Web Gateway proxy logs into Elasticsearch. In order to import the logs I need to use Logstash, and to separate the different log fields I need to use grok.

      Even though I am skilled with regex, I have big problems writing the grok command.

      Has anyone written a filter for the McAfee proxy logs before and is willing to provide me with this information?

       

      BR Marcus