Integrate with Kafka

Start a Kafka Broker

$ docker run -d \
           --name kafka \
           -p 9092:9092 \
           -e KAFKA_ADVERTISED_HOST_NAME=localhost \
           -e KAFKA_CREATE_TOPICS="zeek:1:1" \
           blacktop/kafka:0.11

In a new terminal start a Kafka consumer

Required

Golang
jq

$ go get github.com/Shopify/sarama/tools/kafka-console-consumer
$ kafka-console-consumer --bootstrap-server localhost:9092 --topic zeek | jq .

Run Bro with the Kafka plugin and watch the consumer... consume.

$ wget https://github.com/blacktop/docker-zeek/raw/master/pcap/heartbleed.pcap
$ docker run --rm \
         -v `pwd`:/pcap \
         --link kafka:localhost \
         blacktop/zeek:kafka -P -r heartbleed.pcap local "Site::local_nets += { 192.168.11.0/24 }"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

kafka.md

kafka.md

Integrate with Kafka

Start a Kafka Broker

In a new terminal start a Kafka consumer

Required

Run Bro with the Kafka plugin and watch the consumer... consume.

Files

kafka.md

Latest commit

History

kafka.md

File metadata and controls

Integrate with Kafka

Start a Kafka Broker

In a new terminal start a Kafka consumer

Required

Run Bro with the Kafka plugin and watch the consumer... consume.