{"id":40753,"date":"2023-09-05T19:15:12","date_gmt":"2024-03-05T23:16:30","guid":{"rendered":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8filebeat%e7%9a%84palo-alto-networks%e6%a8%a1%e5%9d%97%e6%9d%a5%e5%8f%af%e8%a7%86%e5%8c%96%e6%b5%81%e9%87%8f%e6%97%a5%e5%bf%97%e3%80%82\/"},"modified":"2024-04-30T21:39:10","modified_gmt":"2024-04-30T13:39:10","slug":"%e4%bd%bf%e7%94%a8filebeat%e7%9a%84palo-alto-networks%e6%a8%a1%e5%9d%97%e6%9d%a5%e5%8f%af%e8%a7%86%e5%8c%96%e6%b5%81%e9%87%8f%e6%97%a5%e5%bf%97%e3%80%82","status":"publish","type":"post","link":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8filebeat%e7%9a%84palo-alto-networks%e6%a8%a1%e5%9d%97%e6%9d%a5%e5%8f%af%e8%a7%86%e5%8c%96%e6%b5%81%e9%87%8f%e6%97%a5%e5%bf%97%e3%80%82\/","title":{"rendered":"\u4f7f\u7528Filebeat\u7684Palo Alto Networks\u6a21\u5757\u6765\u53ef\u89c6\u5316\u6d41\u91cf\u65e5\u5fd7"},"content":{"rendered":"<h1>Filebeat\u662f\u4ec0\u4e48\uff1f<\/h1>\n<ul class=\"post-ul\">Elastic\u793e\u306e\u8efd\u91cf\u30ed\u30b0\u53ce\u96c6\u30a8\u30fc\u30b8\u30a7\u30f3\u30c8\u7fa4Beats\u306e1\u3064\u3002<\/ul>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d42b437434c4406c9a05b\/2-0.png\" alt=\"beats.PNG\" \/><\/div>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul 
class=\"post-ul\">Beats\u306f\u3044\u305a\u308c\u3082Go\u3067\u66f8\u304b\u308c\u3066\u304a\u308a\u4f4e\u8ca0\u8377\u3067\u52d5\u4f5c\u3059\u308b\u305f\u3081\u3001Logstash\u3068\u6bd4\u3079\u3066\u30c7\u30fc\u30bf\u30bd\u30fc\u30b9\uff08Web\u30b5\u30fc\u30d0\u30fc\u7b49\uff09\u306b\u76f4\u63a5\u5c0e\u5165\u3057\u3084\u3059\u3044\u3002<\/ul>\n<\/li>\n<\/ul>\n<p>Logstash\u3068\u6bd4\u3079\u3066\u6a5f\u80fd\u306f\u30b7\u30f3\u30d7\u30eb\u3067\u3001\u53ce\u96c6\u5bfe\u8c61\u306e\u30c7\u30fc\u30bf\u306b\u5fdc\u3058\u3066\u30a8\u30fc\u30b8\u30a7\u30f3\u30c8\u3092\u4f7f\u3044\u5206\u3051\u308b\u5fc5\u8981\u304c\u3042\u308b\u3002<\/p>\n<p>Filebeat\u306f\u30ed\u30b0\u30d5\u30a1\u30a4\u30eb\u306e\u30c7\u30fc\u30bf\u53ce\u96c6\u306b\u7279\u5316\u3057\u305f\u30a8\u30fc\u30b8\u30a7\u30f3\u30c8\u3002<br \/>\n\u6307\u5b9a\u3057\u305f\u30ed\u30b0\u30d5\u30a1\u30a4\u30eb\u3092\u76e3\u8996\u3057\u3001\u66f4\u65b0\u304c\u3042\u308b\u3068Logstash\u3084Elasticsearch\u7b49\u306b\u51fa\u529b\u3059\u308b\u3002<\/p>\n<h1>Module\u662f\u4ec0\u4e48\uff1f<\/h1>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">Filebeat\u3068Metricbeat\u306b\u306f\u4e00\u822c\u7684\u306a\u30ed\u30b0\u30d5\u30a9\u30fc\u30de\u30c3\u30c8\uff08NGINX\u3001Apache\u3001System\u3001Redis\u3001Docker\u7b49\uff09\u306e\u30c7\u30fc\u30bf\u306b\u5bfe\u5fdc\u3059\u308bModule\u304c\u5b58\u5728\u3059\u308b\u3002\u4e00\u89a7\u306f\u3053\u3061\u3089\u3002<\/ul>\n<\/li>\n<\/ul>\n<p>Module\u306b\u3088\u3063\u3066Elasticsearch\u306b\u53d6\u308a\u8fbc\u307e\u305b\u308b\u30c7\u30fc\u30bf\u306e\u5909\u63db\u8a2d\u5b9a\u3084Kibana\u306b\u3088\u308b\u53ef\u8996\u5316\u306e\u305f\u3081\u306e\u30c0\u30c3\u30b7\u30e5\u30dc\u30fc\u30c9\u4f5c\u6210\u3092\u7701\u7565\u30fb\u7c21\u7565\u5316\u3067\u304d\u308b\u3002<br \/>\n7.0\u4ee5\u964d\u3001Module\u3067\u5b9a\u7fa9\u3055\u308c\u308b\u30d5\u30a3\u30fc\u30eb\u30c9\u30fb\u30c7\u30fc\u30bf\u578b\u306fElastic Common 
Schema\u306b\u6e96\u62e0\u3057\u3066\u304a\u308a\u3001\u7570\u306a\u308b\u30c7\u30fc\u30bf\u30bd\u30fc\u30b9\u9593\u3067\u3082\u7d71\u4e00\u3055\u308c\u305f\u691c\u7d22\u30fb\u5206\u6790\u57fa\u76e4\u3092\u69cb\u7bc9\u3067\u304d\u308b\u3002<br \/>\nex) \u30e6\u30fc\u30b6\u30fc\u540d\u306e\u30d5\u30a3\u30fc\u30eb\u30c9\u304c\u30bd\u30fc\u30b9\u306b\u3088\u3063\u3066user\u306b\u306a\u3063\u305f\u308ausername\u306b\u306a\u3063\u305f\u308anginx.access.user_name\u306b\u306a\u3063\u305f\u308a\u305b\u305a\u3001user.name\u306b\u7d71\u4e00\u3055\u308c\u308b\u3002<\/p>\n<p>\u4eca\u56de\u306fFilebeat\u306ePalo Alto Networks module\u3092\u4f7f\u3046\u3002<\/p>\n<h1>\u505a\u8fc7\u7684\u4e8b\u60c5 de<\/h1>\n<p>\u5728Palo Alto\u9632\u706b\u5899\u7684Syslog\u670d\u52a1\u5668\u4e0a\u5b89\u88c5Filebeat\uff0c\u5e76\u5c06\u5176\u8f93\u51fa\u5230\u65b0\u5efa\u7684Elasticsearch+Kibana\u8fdb\u884c\u53ef\u89c6\u5316\u3002<\/p>\n<h2>\u73af\u5883<\/h2>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">Elasticsearch+Kibana<\/ul>\n<\/li>\n<\/ul>\n<p>Amazon Linux 2 AMI (HVM), SSD Volume Type<br \/>\nt2.medium<br \/>\nEBS(\u6c4e\u7528SSD) 30GiB<\/p>\n<p>Syslog+Filebeat<\/p>\n<p>Amazon Linux 2 AMI (HVM), SSD Volume Type<br \/>\nt2.micro<br \/>\nEBS(\u6c4e\u7528SSD) 30GiB<\/p>\n<p>Palo Alto FW<\/p>\n<p>VM-Series Next-Generation Firewall Bundle 1<br \/>\nm5.xlarge<br \/>\nEBS(\u6c4e\u7528SSD) 30GiB<\/p>\n<p>AWS\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7\u306f\u9069\u5b9c\u958b\u3051\u308b<\/p>\n<h2>\u7a0b\u5e8f<\/h2>\n<h3>\u5b89\u88c5\u548c\u914d\u7f6eElasticsearch+Kibana\u3002<\/h3>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/ul>\n<\/li>\n<\/ul>\n<p>yum\u3067\u5165\u308c\u308b<\/p>\n<pre class=\"post-pre\"><code>$ sudo yum install java\r\n$ rpm --import https:\/\/artifacts.elastic.co\/GPG-KEY-elasticsearch  \r\n$ sudo vi 
\/etc\/yum.repos.d\/elastic.repo\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code><span class=\"pi\">[<\/span><span class=\"nv\">elasticsearch<\/span><span class=\"pi\">]<\/span>\r\n<span class=\"s\">name=Elasticsearch repository for 7.x packages<\/span>\r\n<span class=\"s\">baseurl=https:\/\/artifacts.elastic.co\/packages\/7.x\/yum<\/span>\r\n<span class=\"s\">gpgcheck=1<\/span>\r\n<span class=\"s\">gpgkey=https:\/\/artifacts.elastic.co\/GPG-KEY-elasticsearch<\/span>\r\n<span class=\"s\">enabled=0<\/span>\r\n<span class=\"s\">autorefresh=1<\/span>\r\n<span class=\"s\">type=rpm-md<\/span>\r\n\r\n<span class=\"pi\">[<\/span><span class=\"nv\">kibana<\/span><span class=\"pi\">]<\/span>\r\n<span class=\"s\">name=Kibana repository for 7.x packages<\/span>\r\n<span class=\"s\">baseurl=https:\/\/artifacts.elastic.co\/packages\/7.x\/yum<\/span>\r\n<span class=\"s\">gpgcheck=1<\/span>\r\n<span class=\"s\">gpgkey=https:\/\/artifacts.elastic.co\/GPG-KEY-elasticsearch<\/span>\r\n<span class=\"s\">enabled=1<\/span>\r\n<span class=\"s\">autorefresh=1<\/span>\r\n<span class=\"s\">type=rpm-md<\/span>\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code>$ sudo yum install elasticsearch kibana\r\n<\/code><\/pre>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">Elasticsearch\u306e\u8a2d\u5b9a<\/ul>\n<\/li>\n<\/ul>\n<p>Filebeat\u304b\u3089\u306e\u51fa\u529b\u3092Elasticsearch\u3067\u8a31\u53ef\u3059\u308b\uff08network.host\u306b\u306fElasticsearch\u30b5\u30fc\u30d0\u30fc\u306eIP\u3092\u6307\u5b9a\u3059\u308b\u3002\u63a5\u7d9a\u5143\u306e\u5236\u9650\u306b\u306f\u306a\u3089\u306a\u3044\uff09<br \/>\n\u30b7\u30f3\u30b0\u30eb\u69cb\u6210\u306b\u3059\u308b\u3068\u304d\u305d\u306e\u65e8\u3092\u660e\u793a\u3057\u306a\u3044\u3068\u30b5\u30fc\u30d3\u30b9\u8d77\u52d5\u6642\u306b\u30a8\u30e9\u30fc\u306b\u306a\u308b\u3063\u307d\u3044<\/p>\n<pre class=\"post-pre\"><code>$ sudo vi \/etc\/elasticsearch\/elasticsearch.yml\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code><span class=\"s\">network.host<\/span><span class=\"pi\">:<\/span> <span class=\"s\">127.0.0.1, &lt;Syslog\u30b5\u30fc\u30d0\u30fc\u306eIP&gt;<\/span>\r\n<span 
class=\"s\">discovery.type<\/span><span class=\"pi\">:<\/span> <span class=\"s\">single-node<\/span>\r\n<\/code><\/pre>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">Kibana\u306e\u8a2d\u5b9a<\/ul>\n<\/li>\n<\/ul>\n<p>\u63a5\u7d9a\u5143\u306e\u5236\u9650\u3092\u304b\u3051\u306a\u3044\uff08Kibana\u3067\u306f\u5236\u9650\u3057\u306a\u3044\u305f\u3081\u3001\u63a5\u7d9a\u5143\u306fAWS\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7\u3067\u5236\u9650\u3059\u308b\uff09<br \/>\nelasticsearch\u306e\u6307\u5b9a(\u4eca\u56de\u306f\u540c\u5c45\u3057\u3066\u3044\u308b\u306e\u3067localhost)<\/p>\n<pre class=\"post-pre\"><code>$ sudo vi \/etc\/kibana\/kibana.yml\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code><span class=\"s\">server.host<\/span><span class=\"pi\">:<\/span> <span class=\"s2\">\"<\/span><span class=\"s\">0.0.0.0\"<\/span>\r\n<span class=\"s\">elasticsearch.hosts<\/span><span class=\"pi\">:<\/span> <span class=\"pi\">[<\/span><span class=\"s2\">\"<\/span><span class=\"s\">http:\/\/localhost:9200\"<\/span><span class=\"pi\">]<\/span>\r\n<\/code><\/pre>\n<ul class=\"post-ul\">Elasticsearch\u3068Kibana\u306e\u30b5\u30fc\u30d3\u30b9\u8d77\u52d5\u8a2d\u5b9a<\/ul>\n<pre class=\"post-pre\"><code>$ sudo \/bin\/systemctl daemon-reload\r\n\r\n$ sudo \/bin\/systemctl enable elasticsearch.service\r\n$ sudo \/bin\/systemctl enable kibana.service\r\n\r\n$ sudo systemctl start elasticsearch.service\r\n$ sudo systemctl start kibana.service\r\n<\/code><\/pre>\n<h3>Filebeat\u7684\u5b89\u88c5\u548c\u8bbe\u7f6e<\/h3>\n<p>syslog\u306e\u8a2d\u5b9a\u306f\u5272\u611b<\/p>\n<p>Palo\u304b\u3089traffic\u30ed\u30b0\u3068threat\u30ed\u30b0\u3092\u53d7\u3051\u53d6\u3063\u3066\/var\/log\/pan*.log\u306b\u914d\u7f6e\u3057\u3066\u3044\u308b\u524d\u63d0<\/p>\n<p>\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/p>\n<p>yum\u3067\u5165\u308c\u308b<\/p>\n<pre class=\"post-pre\"><code>$ sudo yum install filebeat\r\n<\/code><\/pre>\n<ul class=\"post-ul\">Palo Alto Networks module\u306e\u6709\u52b9\u5316\u30fb\u8a2d\u5b9a<\/ul>\n<pre class=\"post-pre\"><code>$ sudo filebeat modules enable panw\r\n$ sudo vi 
\/etc\/filebeat\/modules.d\/panw.yml\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code><span class=\"pi\">-<\/span> <span class=\"na\">module<\/span><span class=\"pi\">:<\/span> <span class=\"s\">panw<\/span>\r\n  <span class=\"na\">panos<\/span><span class=\"pi\">:<\/span>\r\n    <span class=\"na\">enabled<\/span><span class=\"pi\">:<\/span> <span class=\"no\">true<\/span>\r\n    <span class=\"s\">var.paths<\/span><span class=\"pi\">:<\/span> <span class=\"pi\">[<\/span><span class=\"s2\">\"<\/span><span class=\"s\">\/var\/log\/pan*.log\"<\/span><span class=\"pi\">]<\/span>\r\n    <span class=\"s\">var.input<\/span><span class=\"pi\">:<\/span> <span class=\"s2\">\"<\/span><span class=\"s\">file\"<\/span>\r\n<\/code><\/pre>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">Filebeat\u306e\u8a2d\u5b9a<\/ul>\n<\/li>\n<\/ul>\n<p>Elasticsearch\u3068Kibana\u3092\u6307\u5b9a\u3059\u308b<br \/>\n\u4ee5\u4e0b\u306f\u5909\u66f4\u7b87\u6240\u306e\u307f\u3001\u4ed6\u306f\u30c7\u30d5\u30a9\u30eb\u30c8\u5024<\/p>\n<pre class=\"post-pre\"><code>$ sudo vi \/etc\/filebeat\/filebeat.yml\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code><span class=\"s\">setup.kibana<\/span><span class=\"pi\">:<\/span>\r\n <span class=\"na\">host<\/span><span class=\"pi\">:<\/span> <span class=\"s2\">\"<\/span><span class=\"s\">&lt;Elasticsearch+Kibana\u30b5\u30fc\u30d0\u30fc\u306eIP&gt;:5601\"<\/span>\r\n<span class=\"s\">output.elasticsearch<\/span><span class=\"pi\">:<\/span>\r\n <span class=\"na\">hosts<\/span><span class=\"pi\">:<\/span> <span class=\"pi\">[<\/span><span class=\"s2\">\"<\/span><span class=\"s\">&lt;Elasticsearch+Kibana\u30b5\u30fc\u30d0\u30fc\u306eIP&gt;:9200\"<\/span><span class=\"pi\">]<\/span>\r\n<\/code><\/pre>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul 
class=\"post-ul\">Filebeat\u306e\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7<\/ul>\n<\/li>\n<\/ul>\n<p>Module\u306e\u30c7\u30fc\u30bf\u5909\u63db\u8a2d\u5b9a\u3068\u30c0\u30c3\u30b7\u30e5\u30dc\u30fc\u30c9\u8a2d\u5b9a\u304cElasticsearch\u3068Kibana\u306b\u53cd\u6620\u3055\u308c\u308b<\/p>\n<pre class=\"post-pre\"><code>$ sudo filebeat setup -e\r\n<\/code><\/pre>\n<ul class=\"post-ul\">Filebeat\u306e\u30b5\u30fc\u30d3\u30b9\u8d77\u52d5\u8a2d\u5b9a<\/ul>\n<pre class=\"post-pre\"><code>$ sudo systemctl enable filebeat\r\n$ sudo systemctl start filebeat\r\n<\/code><\/pre>\n<h3>\u67e5\u770b\u4eea\u8868\u76d8<\/h3>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d42b437434c4406c9a05b\/38-2.jpeg\" alt=\"20191219_140448_3759.JPG\" \/><\/div>\n<h1>\u5e9f\u8bdd\u4e0d\u591a<\/h1>\n<p>\u8fd9\u7bc7\u6587\u7ae0\u5199\u5f97\u597d\u50cf\u662f\u5728\u4f7f\u7528\u4e2d\u7684Syslog\u670d\u52a1\u5668\u4e0a\u8fdb\u884c\u7684\u5b89\u88c5\uff0c\u4f46\u5b9e\u9645\u4e0a\u662f\u4e3a\u4e86\u6587\u7ae0\u7684\u7f18\u6545\uff0c\u5306\u5fd9\u642d\u5efa\u4e86\u865a\u62df\u673a\u7684\u9632\u706b\u5899\u548cSyslog\u670d\u52a1\u5668\uff0c\u6240\u4ee5\u6570\u636e\u6bd4\u8f83\u5c11\uff0c\u770b\u8d77\u6765\u4e0d\u591f\u597d\u770b\u3002<\/p>\n<h1>\u53c2\u8003<\/h1>\n<p>\u5f15\u7528<\/p>\n<p>\u5c1d\u8bd5\u4f7f\u7528Paloalto Networks VM-Series for AWS\u6765\u670d\u52a1\u57fa\u7840\u8bbe\u65bd\u5de5\u7a0b\u5e08<br \/>\nFilebeat<br \/>\nFilebeat\u6a21\u5757<br \/>\n\u5173\u4e8eElastic Common Schema<br \/>\n\u603b\u7ed3\u4e86Filebeat\u6027\u80fd\u8c03\u4f18\u7684\u8981\u70b9<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Filebeat\u662f\u4ec0\u4e48\uff1f Elastic\u793e\u306e\u8efd\u91cf\u30ed\u30b0\u53ce\u96c6\u30a8\u30fc\u30b8\u30a7\u30f3\u30c8\u7fa4Beats\u306e1\u3064\u3002 
Beats\u306f\u3044\u305a\u308c\u3082 [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-40753","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v21.5 (Yoast SEO v21.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>\u4f7f\u7528Filebeat\u7684Palo Alto Networks\u6a21\u5757\u6765\u53ef\u89c6\u5316\u6d41\u91cf\u65e5\u5fd7 - Blog - Silicon Cloud<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528filebeat\u7684palo-alto-networks\u6a21\u5757\u6765\u53ef\u89c6\u5316\u6d41\u91cf\u65e5\u5fd7\u3002\/\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u4f7f\u7528Filebeat\u7684Palo Alto Networks\u6a21\u5757\u6765\u53ef\u89c6\u5316\u6d41\u91cf\u65e5\u5fd7\" \/>\n<meta property=\"og:description\" content=\"Filebeat\u662f\u4ec0\u4e48\uff1f Elastic\u793e\u306e\u8efd\u91cf\u30ed\u30b0\u53ce\u96c6\u30a8\u30fc\u30b8\u30a7\u30f3\u30c8\u7fa4Beats\u306e1\u3064\u3002 Beats\u306f\u3044\u305a\u308c\u3082 [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528filebeat\u7684palo-alto-networks\u6a21\u5757\u6765\u53ef\u89c6\u5316\u6d41\u91cf\u65e5\u5fd7\u3002\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog - Silicon Cloud\" \/>\n<meta property=\"article:published_time\" content=\"2024-03-05T23:16:30+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-30T13:39:10+00:00\" \/>\n<meta property=\"og:image\" 
content=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d42b437434c4406c9a05b\/2-0.png\" \/>\n<meta name=\"author\" content=\"\u6e05, \u5b87\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u6e05, \u5b87\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8filebeat%e7%9a%84palo-alto-networks%e6%a8%a1%e5%9d%97%e6%9d%a5%e5%8f%af%e8%a7%86%e5%8c%96%e6%b5%81%e9%87%8f%e6%97%a5%e5%bf%97%e3%80%82\/\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8filebeat%e7%9a%84palo-alto-networks%e6%a8%a1%e5%9d%97%e6%9d%a5%e5%8f%af%e8%a7%86%e5%8c%96%e6%b5%81%e9%87%8f%e6%97%a5%e5%bf%97%e3%80%82\/\",\"name\":\"\u4f7f\u7528Filebeat\u7684Palo Alto Networks\u6a21\u5757\u6765\u53ef\u89c6\u5316\u6d41\u91cf\u65e5\u5fd7 - Blog - Silicon 
Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\"},\"datePublished\":\"2024-03-05T23:16:30+00:00\",\"dateModified\":\"2024-04-30T13:39:10+00:00\",\"author\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/1a6ecd3d914d22a5ac32791ffc1fbd8e\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8filebeat%e7%9a%84palo-alto-networks%e6%a8%a1%e5%9d%97%e6%9d%a5%e5%8f%af%e8%a7%86%e5%8c%96%e6%b5%81%e9%87%8f%e6%97%a5%e5%bf%97%e3%80%82\/#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8filebeat%e7%9a%84palo-alto-networks%e6%a8%a1%e5%9d%97%e6%9d%a5%e5%8f%af%e8%a7%86%e5%8c%96%e6%b5%81%e9%87%8f%e6%97%a5%e5%bf%97%e3%80%82\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8filebeat%e7%9a%84palo-alto-networks%e6%a8%a1%e5%9d%97%e6%9d%a5%e5%8f%af%e8%a7%86%e5%8c%96%e6%b5%81%e9%87%8f%e6%97%a5%e5%bf%97%e3%80%82\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.silicloud.com\/zh\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u4f7f\u7528Filebeat\u7684Palo Alto Networks\u6a21\u5757\u6765\u53ef\u89c6\u5316\u6d41\u91cf\u65e5\u5fd7\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/\",\"name\":\"Blog - Silicon Cloud\",\"description\":\"\",\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/1a6ecd3d914d22a5ac32791ffc1fbd8e\",\"name\":\"\u6e05, 
\u5b87\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4b2016c18459a605fc469c7566608f5686491baa112d0871ee613f61b7210565?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4b2016c18459a605fc469c7566608f5686491baa112d0871ee613f61b7210565?s=96&d=mm&r=g\",\"caption\":\"\u6e05, \u5b87\"},\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/author\/qingyu\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8filebeat%e7%9a%84palo-alto-networks%e6%a8%a1%e5%9d%97%e6%9d%a5%e5%8f%af%e8%a7%86%e5%8c%96%e6%b5%81%e9%87%8f%e6%97%a5%e5%bf%97%e3%80%82\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Blog - Silicon Cloud\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"\u4f7f\u7528Filebeat\u7684Palo Alto Networks\u6a21\u5757\u6765\u53ef\u89c6\u5316\u6d41\u91cf\u65e5\u5fd7 - Blog - Silicon Cloud","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528filebeat\u7684palo-alto-networks\u6a21\u5757\u6765\u53ef\u89c6\u5316\u6d41\u91cf\u65e5\u5fd7\u3002\/","og_locale":"zh_CN","og_type":"article","og_title":"\u4f7f\u7528Filebeat\u7684Palo Alto Networks\u6a21\u5757\u6765\u53ef\u89c6\u5316\u6d41\u91cf\u65e5\u5fd7","og_description":"Filebeat\u662f\u4ec0\u4e48\uff1f Elastic\u793e\u306e\u8efd\u91cf\u30ed\u30b0\u53ce\u96c6\u30a8\u30fc\u30b8\u30a7\u30f3\u30c8\u7fa4Beats\u306e1\u3064\u3002 Beats\u306f\u3044\u305a\u308c\u3082 [&hellip;]","og_url":"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528filebeat\u7684palo-alto-networks\u6a21\u5757\u6765\u53ef\u89c6\u5316\u6d41\u91cf\u65e5\u5fd7\u3002\/","og_site_name":"Blog - Silicon 
Cloud","article_published_time":"2024-03-05T23:16:30+00:00","article_modified_time":"2024-04-30T13:39:10+00:00","og_image":[{"url":"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d42b437434c4406c9a05b\/2-0.png"}],"author":"\u6e05, \u5b87","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"\u6e05, \u5b87","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"2 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8filebeat%e7%9a%84palo-alto-networks%e6%a8%a1%e5%9d%97%e6%9d%a5%e5%8f%af%e8%a7%86%e5%8c%96%e6%b5%81%e9%87%8f%e6%97%a5%e5%bf%97%e3%80%82\/","url":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8filebeat%e7%9a%84palo-alto-networks%e6%a8%a1%e5%9d%97%e6%9d%a5%e5%8f%af%e8%a7%86%e5%8c%96%e6%b5%81%e9%87%8f%e6%97%a5%e5%bf%97%e3%80%82\/","name":"\u4f7f\u7528Filebeat\u7684Palo Alto Networks\u6a21\u5757\u6765\u53ef\u89c6\u5316\u6d41\u91cf\u65e5\u5fd7 - Blog - Silicon Cloud","isPartOf":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website"},"datePublished":"2024-03-05T23:16:30+00:00","dateModified":"2024-04-30T13:39:10+00:00","author":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/1a6ecd3d914d22a5ac32791ffc1fbd8e"},"breadcrumb":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8filebeat%e7%9a%84palo-alto-networks%e6%a8%a1%e5%9d%97%e6%9d%a5%e5%8f%af%e8%a7%86%e5%8c%96%e6%b5%81%e9%87%8f%e6%97%a5%e5%bf%97%e3%80%82\/#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8filebeat%e7%9a%84palo-alto-networks%e6%a8%a1%e5%9d%97%e6%9d%a5%e5%8f%af%e8%a7%86%e5%8c%96%e6%b5%81%e9%87%8f%e6%97%a5%e5%bf%97%e3%80%82\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8filebeat%e7%9a%84palo-alto-networks%e6%a8%a1%e5%9d%97%e6%9d%a5%e5%8f%af%e8%a7%86%e5%8c%96%e6%b5%81%e9%87%8f%e6%97%a5%e5%bf%97%e3%80%82\/#breadcrumb
","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.silicloud.com\/zh\/blog\/"},{"@type":"ListItem","position":2,"name":"\u4f7f\u7528Filebeat\u7684Palo Alto Networks\u6a21\u5757\u6765\u53ef\u89c6\u5316\u6d41\u91cf\u65e5\u5fd7"}]},{"@type":"WebSite","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website","url":"https:\/\/www.silicloud.com\/zh\/blog\/","name":"Blog - Silicon Cloud","description":"","inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/1a6ecd3d914d22a5ac32791ffc1fbd8e","name":"\u6e05, \u5b87","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4b2016c18459a605fc469c7566608f5686491baa112d0871ee613f61b7210565?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4b2016c18459a605fc469c7566608f5686491baa112d0871ee613f61b7210565?s=96&d=mm&r=g","caption":"\u6e05, \u5b87"},"url":"https:\/\/www.silicloud.com\/zh\/blog\/author\/qingyu\/"},{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8filebeat%e7%9a%84palo-alto-networks%e6%a8%a1%e5%9d%97%e6%9d%a5%e5%8f%af%e8%a7%86%e5%8c%96%e6%b5%81%e9%87%8f%e6%97%a5%e5%bf%97%e3%80%82\/#local-main-organization-logo","url":"","contentUrl":"","caption":"Blog - Silicon 
Cloud"}]}},"_links":{"self":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/40753","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/comments?post=40753"}],"version-history":[{"count":2,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/40753\/revisions"}],"predecessor-version":[{"id":94451,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/40753\/revisions\/94451"}],"wp:attachment":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/media?parent=40753"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/categories?post=40753"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/tags?post=40753"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}