One comment on “Pivoting from Snorby to Logstash using Lookup Sources”

  1. Hello. I'm trying to implement this with my own instances of bro, logstash and snorby. I'm able to see the logs from bro populating in kibana, but when I enter the source into snorby's lookup sources, I see no evidence of the bro logs. Could you update with the output seen in snorby?
