Suricata logs to Logstash with Filebeat on pfSense 2.4

I'm using EVE JSON output. Enable EVE from Service - Suricata - Edit interface mappingEVE Output Settings EVE JSON Log [x] EVE Output Type: File Install Filebeat FreeBSD package https://pkg.freebsd.org/FreeBSD:11:amd64/latest/All/ Find beats-x.x.x.txz curl -o beats-x.x.x.txz https://pkg.freebsd.org/FreeBSD:11:amd64/latest/All/beats-x.x.x.txz pkg add beats-x.x.x.txz Download modules https://www.elastic.co/downloads/past-releases Download same version Filebeat LINUX 64-BIT curl -o filebeat-x.x.x-linux-x86_64.tar.gz https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-x.x.x-linux-x86_64.tar.gz curl -o filebeat-x.x.x-linux-x86_64.tar.gz.sha512 … Continue reading Suricata logs to Logstash with Filebeat on pfSense 2.4