my suricata no data

Question

my suricata no data

RonnieNiu opened this issue 5 years ago · 7 comments

RonnieNiu commented 5 years ago

and kibana is error

and hunt no data

Answer 1 · 2019-07-26T12:49:44.000Z

Is that stand alone scirius or part of SELKS?

Answer 2 · 2019-07-29T03:04:00.000Z

ITis stand alone scirius

Answer 3 · 2019-07-29T10:08:38.000Z

When you are on the Kibana page - if you use Chrome - what are the errors when you press Ctrl+Shift+J ?

Answer 4 · 2019-07-31T09:24:14.000Z

RonnieNiu commented 5 years ago

Answer 5 · 2019-07-31T10:14:31.000Z

I think this is related to - #182 (comment)

Answer 6 · 2019-07-31T12:32:06.000Z

disable es auth ，then ok, but not eve. Json data发自我的华为手机-------- 原始邮件 --------主题：Re: [StamusNetworks/scirius] my suricata no data (#183)发件人：Peter Manev 收件人：StamusNetworks/scirius 抄送：ybn ,Author I think this is related to - #182 —You are receiving this because you authored the thread.Reply to this email directly, view it on GitHub, or mute the thread.

Answer 7 · 2019-08-05T07:10:14.000Z

Aha ok - so if you re using a proxy of some sort - i think you need to explicitly allow those paths - here is an example as it is done in SELKS - https://github.com/StamusNetworks/SELKS/blob/master/staging/config/hooks/live/chroot-inside-Debian-Live.hook.chroot#L125