FIM

Post a question
2
responses

FIM output to logstash has a mismatch Json format

Hi team, i use the FIM module to monitor a test file and output it to 2 destination: local file and remote logstash with tcp.

Now I could see the log in local file, but remote logstash fails to parse the log with json. After checking the log, i figure out that the log received by logstash is different:

AskedFebruary 13, 2022 - 10:33am
1
response

Add IP Address to FIM Output

I am testing the FIM module but would like it to not only include the name of the system that the event is coming from but also the IP address. Is there an easy way to have the output for the FIM module include the IP address of the system in the event?

AskedMay 6, 2020 - 5:48pm