Assistence Needed ! Forwarding logs from Security Onion VM to Parent OS(ubuntu 16) splunk
414 views
Skip to first unread message
Yakeshraj Madhivanan
Apr 24, 2018, 5:49:55 AM4/24/18
to security-onion
Hi Everyone,
For study purpose i have deployed security onion in virtualbox and i'm able to monitor the logs in that vm. Now i wanted to forward the logs to parent os (ubuntu) where i have installed splunk.. I have tried universal forwarder for doing so but i couldn't succeed.. forwarding server always remains inative.
Kindly guide me for forwarding snort logs from security onion vm to parent os splunk..
For study purpose i have deployed security onion in virtualbox and i'm able to monitor the logs in that vm. Now i wanted to forward the logs to parent os (ubuntu) where i have installed splunk.. I have tried universal forwarder for doing so but i couldn't succeed.. forwarding server always remains inative.
Kindly guide me for forwarding snort logs from security onion vm to parent os splunk..
Wes Lambert
Apr 24, 2018, 2:34:17 PM4/24/18
to securit...@googlegroups.com
How is you virtual networking setup? What kind of interface is being used? Bridged/NAT/Host Only?
Thanks,
Wes
--
Follow Security Onion on Twitter!
https://twitter.com/securityonion
---
You received this message because you are subscribed to the Google Groups "security-onion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to security-onion+unsubscribe@googlegroups.com.
To post to this group, send email to security-onion@googlegroups.com.
Visit this group at https://groups.google.com/group/security-onion.
For more options, visit https://groups.google.com/d/optout.
Message has been deleted
Yakeshraj Madhivanan
Apr 26, 2018, 2:09:50 AM4/26/18
to security-onion
hi Wes..
Yes.. Its been bridged..
Wes Lambert
Apr 26, 2018, 2:02:56 PM4/26/18
to securit...@googlegroups.com
Have you checked basic connectivity between the boxes? Are you able to ssh, etc. between the two machines?
Also see:
On Thu, Apr 26, 2018 at 2:09 AM, Yakeshraj Madhivanan <vsssr...@gmail.com> wrote:
hi Wes..
Yes.. Its been bridged..
--
Follow Security Onion on Twitter!
https://twitter.com/securityonion
---
You received this message because you are subscribed to the Google Groups "security-onion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to security-onion+unsubscribe@googlegroups.com.
To post to this group, send email to security-onion@googlegroups.com.
Visit this group at https://groups.google.com/group/security-onion.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages