Suricata logs not giving me the full log? integration with wazuh


Ga Mac

Sep 16, 2025, 8:30:19 AM (5 days ago) Sep 16
to Wazuh | Mailing List
I tried implementing Suricata based on this link
https://wazuh.com/blog/responding-to-network-attacks-with-suricata-and-wazuh-xdr/

and did all of the following for Ubuntu 22.04 endpoints, with my Wazuh master and indexers on servers.

The issue is that the dashboard shows the Suricata logs, but it does not show detailed info like in the link; instead it shows what is below. I did an Nmap scan with this command, "sudo nmap -sS <ipaddress>", and it does detect it, but not in a way that is helpful, as shown below. Any ideas? I tried a few changes, like changing the decoder limit to 1024.
Screenshot 2025-09-16 164508.png

Olamilekan Abdullateef Ajani

Sep 16, 2025, 10:05:37 AM (5 days ago) Sep 16
to Wazuh | Mailing List
Hello Gabriel,

Please give me some time to replicate this and provide feedback accordingly.

Regards,

Olamilekan Abdullateef Ajani

Sep 16, 2025, 3:03:58 PM (4 days ago) Sep 16
to Wazuh | Mailing List
Hello Gabriel,

I apologize for the delayed response. I have replicated this and I can confirm to you that it works. Could you please share the event you received, which is different from what is in the documentation?
And again, you may want to check the eve.json file to ensure you receive the logs; if not, I feel there may be some misconfiguration in the Suricata config file, /etc/suricata/suricata.yaml.

Can you please review the configuration and ensure you are listening on the right interface and the right IP address has been supplied too?

Please use the documentation here as a guide and let me know.

Screenshot from 2025-09-16 19-32-26.png
Screenshot from 2025-09-16 19-35-41.png
Screenshot from 2025-09-16 19-36-03.png
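As an added example (not part of this thread or of Wazuh's or Suricata's own tooling), the following script performs the eve.json check suggested above: it parses each line as JSON, counts events per `event_type`, flags lines that are not valid JSON (a cut-off record, which a downstream JSON decoder would drop or show without its fields) and alerts missing the fields the dashboard relies on, and reports the longest line so it can be compared against any line-length limit in the log reader. The default path `/var/log/suricata/eve.json` and the sample log lines are assumptions constructed for the example.

```python
import json
import sys
from collections import Counter

# Constructed sample of eve.json lines (not real logs): one complete alert,
# one flow event, and one alert record cut off mid-line.
SAMPLE_EVE_LINES = [
    '{"timestamp":"2025-09-16T16:45:08.000000+0000","event_type":"alert",'
    '"src_ip":"192.0.2.10","dest_ip":"192.0.2.20","dest_port":22,"proto":"TCP",'
    '"alert":{"signature_id":1000001,"signature":"CONSTRUCTED SCAN test rule",'
    '"category":"Attempted Information Leak","severity":2}}',
    '{"timestamp":"2025-09-16T16:45:09.000000+0000","event_type":"flow",'
    '"src_ip":"192.0.2.10","dest_ip":"192.0.2.20","proto":"TCP"}',
    '{"timestamp":"2025-09-16T16:45:10.000000+0000","event_type":"alert",'
    '"src_ip":"192.0.2.10","dest_ip":"192.0.2.20","alert":{"signature_id":10',
]

# Alert sub-fields the dashboard views expect to be present.
REQUIRED_ALERT_FIELDS = ("signature", "signature_id", "category", "severity")


def check_eve_lines(lines):
    """Return a summary of what a JSON consumer would see in these eve lines."""
    summary = {"events": Counter(), "truncated": 0,
               "incomplete_alerts": 0, "longest_line": 0}
    for raw in lines:
        raw = raw.rstrip("\n")
        summary["longest_line"] = max(summary["longest_line"], len(raw))
        try:
            event = json.loads(raw)
        except json.JSONDecodeError:
            summary["truncated"] += 1  # not valid JSON: cut off or corrupted
            continue
        etype = event.get("event_type", "unknown")
        summary["events"][etype] += 1
        if etype == "alert":
            alert = event.get("alert", {})
            if any(f not in alert for f in REQUIRED_ALERT_FIELDS):
                summary["incomplete_alerts"] += 1
    return summary


def check_eve_file(path="/var/log/suricata/eve.json"):
    """Run the check over a real eve.json file (assumed default path)."""
    with open(path, encoding="utf-8") as fh:
        return check_eve_lines(fh)


if __name__ == "__main__":
    s = check_eve_file(sys.argv[1]) if len(sys.argv) > 1 else check_eve_lines(SAMPLE_EVE_LINES)
    print(json.dumps({**s, "events": dict(s["events"])}, indent=2))
```

Run it with the path to eve.json as the first argument; a non-zero `truncated` count or `incomplete_alerts` count means the records reaching the dashboard are already missing detail at the source, whereas zero for both points at the agent or manager configuration instead.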