Error when shipping to HELK

Question

Error when shipping to HELK

jcastillo725 opened this issue 4 years ago · 7 comments

jcastillo725 commented 4 years ago

I'm encountering an error when trying to ship datasets to HELK.

Answer 1 · 2021-06-06T15:03:53.000Z

Have you been able to solve it?

Answer 2 · 2021-06-06T15:26:08.000Z

Try running sudo pip3 install elasticsearch

Answer 3 · 2021-07-03T07:30:47.000Z

Hello @jcastillo725 ! It has been a while since I tried to send data to HELK. However, I know @thomaspatzke does it for his project

https://github.com/thomaspatzke/elk-detection-lab

He contributed the script to the project, but I have not tested it myself. @thomaspatzke , would it be possible whenever you have some time to test it with your project if you do not mind? I know you are very busy so whenever you have time :) Thank you man!

Answer 4 · 2021-07-03T08:24:13.000Z

Sure, Roberto! Can you assign it to me so that it doesn't gets lost? For me it appears that the elasticsearch library is not present.

Answer 5 · 2021-07-03T09:30:29.000Z

Hello @thomaspatzke ! I did not pay attention to the error and got confused with another issue that also talked about sending data to an ELK stack. I thought they were similar ones. Yes the error is pretty straightforward 😂 sorry to bother you with this. I hope you have a great weekend!

Answer 6 · 2021-07-03T09:32:01.000Z

Good occasion to update the link to Mordor to the current version 😉

Answer 7 · 2021-07-03T09:37:09.000Z

Ohhh yes! Yay! 😅