Suricata on a separate physical machine


Krystian Trapszo

Apr 25, 2025, 7:52:11 AM
to SELKS
Hi, I am new; due to lack of knowledge I used the ISO image provided by SELKS without desktop - everything seems to work - looks great. :)

Now I wonder if it is possible to get insight through SELKS panels into Suricata installed on a separate server, as a single element?
I expect high traffic to be analyzed by Suricata (even 30Gbps) and I suspect that everything on one server may cause disruptions in the operation of the entire construct.

How, what, where would I have to change for SELKS to notice Suricata?

Peter Manev

Apr 25, 2025, 5:57:00 PM
to Krystian Trapszo, SELKS
Hi,

There are a couple of options.

You can ship the Suricata logs to SELKS
and/or also
You can use the Kibana dashboards from any Elasticsearch
https://github.com/StamusNetworks/suricata-analytics/tree/main/kibana/7

Thanks!

--
Regards,
Peter Manev