How to push Snort, Bro, YAF log to Metron

Install the Metron Bro plugin into your Bro install. This will push the Bro output into Kafka so that Metron can consume it.

You can use the Ansible deployment steps as instructions for one, simple way to pipe YAF and Snort output into Kafka. This is only suitable for small scale testing.

You're going to want to use something `yafzcbalance` for scaling YAF to higher throughput.

You can use Bro's load balancing mechanism to scale it to higher throughput.