bro-elk-IDS icon indicating copy to clipboard operation
bro-elk-IDS copied to clipboard

Published 20 hours ago verified publisher icon BrashEndeavours

Support for Logstash 5.0.1?

Open ghost opened this issue 8 years ago • 3 comments

Error with Logstash 5.0.1: [logstash.inputs.bro ] each: watched?: /nsm/bro/logs/current/weird.log: (#<NoMethodError: Direct event field references (i.e. event['field']) have been disabled in favor of using event get and set methods (e.g. event.get('field')). Please consult the Logstash 5.0 breaking changes documentation for more details.>)

Is there any planning for an update to Logstash 5.0.1?

ghost avatar Nov 22 '16 13:11 ghost

Sorry @masterjohn2016 I've been slacking, will fix today.

unstable-deadlock avatar Dec 02 '16 22:12 unstable-deadlock

Hello, getting 2 errors:

[2016-12-05T14:15:20,265][ERROR][logstash.pipeline ] A plugin had an unrecoverable error. Will restart this plugin. Plugin: <LogStash::Inputs::Bro type=>"ssl", path=>"/bro/logs/current/ssl.log", start_position=>"beginning", sincedb_path=>"/dev/null", id=>"60289ca070d9b9f6ca6d7c5f0d7ef582a3568ea9-24", enable_metric=>true, codec=><LogStash::Codecs::Plain id=>"plain_cc96255b-74c5-46bb-9ff3-b4662e5cfecc", enable_metric=>true, charset=>"UTF-8">, stat_interval=>1, discover_interval=>15, sincedb_write_interval=>15, delimiter=>"\n"> Error: Direct event field references (i.e. event['field']) have been disabled in favor of using event get and set methods (e.g. event.get('field')). Please consult the Logstash 5.0 breaking changes documentation for more details.

how to fix it? Thanks

garanews avatar Dec 05 '16 13:12 garanews

Hello, @BrashEndeavours , any chance to solve this error?

garanews avatar Jan 10 '17 11:01 garanews