How to view logs from Snort in ELK? The unified2 format is not supported by Logstash.
One way would be to set up a Linux VM that runs Barnyard2 to convert and send it to ELK SIEM. I wonder if there is an easier option inside the Windows machine producing the logs while running Snort.
Thanks
Nothing tested yet. Trying to figure out the best solution.
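For the conversion step the post describes, here is an added example (not from the post or from Barnyard2) of a small unified2 reader that turns Snort IDS event records into JSON lines that Filebeat or Logstash can ingest directly on the sensor host. It assumes the record layouts from Snort's unified2 spec: a type/length header, the 52-byte legacy IDS event (type 7), and the v2 event (type 104) whose first 52 bytes share that layout; the sample buffer is constructed inline.

```python
import json
import socket
import struct
from datetime import datetime, timezone

# Unified2 record header: type and length, both uint32 in network byte order.
RECORD_HEADER = struct.Struct("!II")
# Unified2IDSEvent_legacy (type 7): 11 x uint32, 2 x uint16, 4 x uint8 = 52 bytes.
# Type 104 (IDS event v2) starts with the same 52 bytes, then mpls_label, vlan_id, pad.
IDS_EVENT = struct.Struct("!11I2H4B")
IDS_EVENT_TYPES = {7, 104}
FIELDS = ("sensor_id", "event_id", "event_second", "event_microsecond",
          "signature_id", "generator_id", "signature_revision", "classification_id",
          "priority_id", "ip_source", "ip_destination", "sport_itype", "dport_icode",
          "protocol", "impact_flag", "impact", "blocked")

def iter_records(data: bytes):
    """Yield (record_type, payload) for every complete record in a unified2 buffer."""
    offset = 0
    while offset + RECORD_HEADER.size <= len(data):
        rec_type, length = RECORD_HEADER.unpack_from(data, offset)
        offset += RECORD_HEADER.size
        payload = data[offset:offset + length]
        if len(payload) < length:  # truncated tail: Snort is still writing this record
            break
        yield rec_type, payload
        offset += length

def event_to_dict(payload: bytes) -> dict:
    """Decode the 52-byte IDS event prefix into a flat, JSON-friendly dict."""
    ev = dict(zip(FIELDS, IDS_EVENT.unpack_from(payload)))
    for key in ("ip_source", "ip_destination"):  # render IPv4 as dotted quad
        ev[key] = socket.inet_ntoa(struct.pack("!I", ev[key]))
    ev["@timestamp"] = datetime.fromtimestamp(
        ev["event_second"] + ev["event_microsecond"] / 1e6, tz=timezone.utc).isoformat()
    ev["rule"] = f'{ev["generator_id"]}:{ev["signature_id"]}:{ev["signature_revision"]}'
    return ev

def unified2_to_events(data: bytes) -> list:
    """Return one dict per IDS event; packet and extra-data records are skipped."""
    return [event_to_dict(p) for t, p in iter_records(data) if t in IDS_EVENT_TYPES]

def unified2_to_json_lines(data: bytes) -> list:
    """One JSON document per line, ready for a Filebeat/Logstash json codec."""
    return [json.dumps(ev) for ev in unified2_to_events(data)]

# Constructed sample: one IDS event (type 7) followed by one packet record (type 2).
_ts = 1700000000
_event = IDS_EVENT.pack(1, 42, _ts, 500, 1000001, 1, 3, 29, 2,
                        0xC0A80105, 0x0A000001, 54321, 22, 6, 0, 0, 0)
_packet = struct.pack("!7I", 1, 42, _ts, _ts, 500, 1, 4) + b"\xde\xad\xbe\xef"
SAMPLE = (RECORD_HEADER.pack(7, len(_event)) + _event
          + RECORD_HEADER.pack(2, len(_packet)) + _packet)

if __name__ == "__main__":
    for line in unified2_to_json_lines(SAMPLE):
        print(line)
```

Pointing Filebeat at the resulting JSON file (or piping the lines to Logstash's tcp input with a json codec) avoids the separate Barnyard2 VM; IPv6 event types (72, 105) are not decoded by this reader.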