How to display snort alerts in Kibana dashboard?
795 views
Skip to first unread message
javier Albarracin
May 18, 2018, 9:32:24 AM5/18/18
to security-onion
Hello, first of all Congratulations on the Security Onion Project.
I have installed Security Onion 14.04.5.13 and I would like to know if you could indicate the steps that should be performed to show the alerts detected by squert to show a
dashboard similar to this link.
https://blog.securityonion.net/2017/07/towards-elastic-on-security-onion.html
Currently my installation is by default according to the configuration steps and my dashboard does not show snort alerts.
I have installed Security Onion 14.04.5.13 and I would like to know if you could indicate the steps that should be performed to show the alerts detected by squert to show a
dashboard similar to this link.
https://blog.securityonion.net/2017/07/towards-elastic-on-security-onion.html
Currently my installation is by default according to the configuration steps and my dashboard does not show snort alerts.
Wes Lambert
May 21, 2018, 7:15:37 AM5/21/18
to securit...@googlegroups.com
Hi Javier,
Are you able to view other logs in Kibana?
Are able to view NIDS alerts in Squert/Sguil?
Have you tried checking /var/log/logstash/logstash.log for clues?
Thanks,
Wes
--
Follow Security Onion on Twitter!
https://twitter.com/securityonion
---
You received this message because you are subscribed to the Google Groups "security-onion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to security-onion+unsubscribe@googlegroups.com.
To post to this group, send email to security-onion@googlegroups.com.
Visit this group at https://groups.google.com/group/security-onion.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages