How to send Suricata log to Kafka?

Question

After install and config Suricata 5.0.2 according to document https://suricata.readthedocs.io/.

I try to change some configuration in suricata.yaml by adding:

Answer 1

I don't see Kafka listed as an output type, therefore "no, there is not"

Refer docs: https://suricata.readthedocs.io/en/suricata-5.0.2/output/index.html

Plus, I'm not sure I understand what you expect http: yes to do since Kafka is not an HTTP service

---

What you could do is set filetype: unix_stream, then I assume that is Syslog, and you can add another service like Kafka Connect or Fluentd or Logstash to route that data to Kafka.

In other words, services don't need to integrate with Kafka. Plenty of alternatives exist to read files or stdout/stderr/syslog streams