SO 16.04.4.2 Squert Filter Error
32 views
Skip to first unread message
Hagen Nicol
Jul 5, 2018, 6:15:55 AM7/5/18
to security-onion
Hello SO-Team,
I have set up a new parallel SecurityOnion installation with ELK stack. (securityonion-16.04.4.2.iso)
The Squert Priority Filter shows a different behavior than in the productive SecurityOnion installation (securityonion-14.04). No events are assigned to the filter categories "high", "medium" or "low". Only the filter category "other" contains events.
Screenshots + so-redacted here
https://cloud.blg-fashion.de/s/TFY6ibPpYAeyRHe
Thanks for help.
I have set up a new parallel SecurityOnion installation with ELK stack. (securityonion-16.04.4.2.iso)
The Squert Priority Filter shows a different behavior than in the productive SecurityOnion installation (securityonion-14.04). No events are assigned to the filter categories "high", "medium" or "low". Only the filter category "other" contains events.
Screenshots + so-redacted here
https://cloud.blg-fashion.de/s/TFY6ibPpYAeyRHe
Thanks for help.
Doug Burks
Jul 5, 2018, 7:15:14 AM7/5/18
to securit...@googlegroups.com
On Thu, Jul 5, 2018 at 5:04 AM, Hagen Nicol <hagen...@gmail.com> wrote:
Hello SO-Team,
I have set up a new parallel SecurityOnion installation with ELK stack. (securityonion-16.04.4.2.iso)
The Squert Priority Filter shows a different behavior than in the productive SecurityOnion installation (securityonion-14.04). No events are assigned to the filter categories "high", "medium" or "low". Only the filter category "other" contains events.
Hi Hagen,
I've duplicated this issue and created Issue #1277 for tracking:
https://github.com/Security-Onion-Solutions/security-onion/issues/1277
--
Doug Burks
CEO
Security Onion Solutions, LLC
CEO
Security Onion Solutions, LLC
Reply all
Reply to author
Forward
0 new messages