On Tue, Apr 13, 2021 at 09:16:10AM -0400, John Stoffel via WLUG wrote:
> Now that I have zeek up and running... what's the
> for viewing the data? Looking at the hourly emailed logs is sorta
> interesting, but honestly not a great way to see trends over time.

I know people use $$$$$plunk (Splunk) for that sort of thing. Perhaps
ELK (Elasticsearch, Logstash, and Kibana) would work. Oh look,
someone has a recipe for how to do that: