It could be interesting to support the Security Onion Elasticsearch schema. This is probably only useful if SO is setup to use Suricata for metadata as well.
evebox copied to clipboard
jasonish
