What tools in SecurityOnion can be used for web application intrusion logfiles in csv format?
I have some web server logs from a breach. Is there a tool in SecurityOnion where I can upload the log files in csv format and have some sort of behavior-driven, static IDS/IPS identify when a breach occurred?