[Oisf-users] Suricata 2.0 Available!

Cooper F. Nelson cnelson at ucsd.edu
Tue Mar 25 22:06:34 UTC 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ok, got it working.  Ultimately I ended up starting over and installing
elasticsearch via a package first.  Then the published process worked.

I appreciate everyone's help!  Now I just need to figure out how to
configure the dashboard.

- -Coop

On 3/25/2014 10:05 AM, Cooper F. Nelson wrote:
> Same problem I had previously, the embedded elasticsearch instance
> doesn't start.  Maybe it's something on my end.
> 
> I'll post an update if I figure this out.
> 
> On 3/25/2014 9:41 AM, Victor Julien wrote:
>> On 03/25/2014 05:35 PM, Cooper F. Nelson wrote:
>>> The current version of logstash is 1.4.0 and does not work with
>>> this guide.  Would it be possible to get it updated?
> 
>>> I'll offer to help in any way possible, with the caveat that I
>>> haven't been able to get it to work myself.
> 
>> It works for me, however with one change. I'm using
>> logstash-forwarder, and with this it seems the filter:
> 
>> filter {
>>   date {
>>     match => [ "timestamp", "ISO8601" ]
>>   }
>> }
> 
>> Doesn't work. If I have this, I see no logs, otherwise if I remove
>> that, it works normally.
> 
>> My configs for reference: https://gist.github.com/inliniac/9765934
> 
> 
> 
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> OISF: http://www.openinfosecfoundation.org/
> 

- -- 
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJTMf3qAAoJEKIFRYQsa8FWDewH/iy4vCARt1mtxzh10Gc6T5i3
RwQJnsiLk77WgY8IDBsQeIBPYbHGyft/aEpZVC8/X6W0rytoBysZ6p54MjTdwd+J
euEAA7xzjWKBRLnkrqiyA5op4w0Z041013gQqnD2bhN9hjaW4xGzD3RSRDD0cGjx
uNv1tNeqFRh3twdo8P9KumvvfQ0DEPtEHoZw21L/nuihSh8y2r1MlkR2Li42SsAT
NsfQMgEmHmYE830aSg0nCmSkybhioARLH5xXhDsLW8Yg8k4hQTQqfrky6Gb2xL8Q
qLnx2hW4/NmoJ+ELiESjXFtnoWRNdu9U5AwPL+eZLH+ytgc7M29XTeIjFOcws0o=
=EamA
-----END PGP SIGNATURE-----
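An added check, not from this thread, from Suricata, or from logstash, that a practitioner can run over EVE JSON output before relying on a date filter like the one quoted in the thread (`date { match => [ "timestamp", "ISO8601" ] }`): it reports which records have a `timestamp` field that would not satisfy a strict ISO8601 match or would not parse into a timezone-aware datetime. The sample lines are constructed; the Suricata 2.0 timestamp shape (fractional seconds plus a numeric UTC offset such as `+0000`) is an assumption, as are the function and constant names.

```python
"""Check Suricata EVE JSON timestamps against a strict ISO8601 match.

Added example; not code from the mailing-list thread, Suricata, or logstash.
Assumption: Suricata 2.0 EVE records carry a "timestamp" field shaped like
2014-03-25T22:06:34.123456+0000 (fractional seconds, numeric UTC offset).
"""
import json
import re
from datetime import datetime, timezone

# Strict pattern for the ISO8601 date-time shapes a pipeline date filter is
# likely to accept; anything else is reported rather than silently passed on.
ISO8601_RE = re.compile(
    r"^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\.\d{1,9})?(Z|[+-]\d{2}:?\d{2})$"
)

# strptime formats tried in order: with and without a fractional-seconds part.
# %z accepts "+0000", "+00:00" and "Z" on Python 3.7+.
TS_FORMATS = ("%Y-%m-%dT%H:%M:%S.%f%z", "%Y-%m-%dT%H:%M:%S%z")

# Constructed sample EVE lines: two well-formed events, one whose timestamp
# no ISO8601 matcher should accept, and one with the field missing entirely.
SAMPLE_EVE_LINES = [
    '{"timestamp":"2014-03-25T22:06:34.123456+0000","event_type":"alert",'
    '"src_ip":"10.0.0.5","alert":{"signature":"constructed test signature"}}',
    '{"timestamp":"2014-03-25T22:06:35.000001-0700","event_type":"http",'
    '"src_ip":"10.0.0.6"}',
    '{"timestamp":"03/25/2014-22:06:36.123456","event_type":"dns",'
    '"src_ip":"10.0.0.7"}',
    '{"event_type":"fileinfo","src_ip":"10.0.0.8"}',
]


def parse_iso8601(ts):
    """Return an aware datetime for ts, or None if no known format fits."""
    for fmt in TS_FORMATS:
        try:
            return datetime.strptime(ts, fmt)
        except ValueError:
            continue
    return None


def check_eve_timestamps(lines):
    """Return (parsed, failures).

    parsed   -- list of (event_type, aware datetime) for records whose
                timestamp matches ISO8601_RE and parses with a UTC offset.
    failures -- list of (line_no, reason) for records a date filter keyed on
                "timestamp"/"ISO8601" could not date correctly.
    """
    parsed, failures = [], []
    for n, line in enumerate(lines, 1):
        try:
            rec = json.loads(line)
        except ValueError as e:
            failures.append((n, f"not JSON: {e}"))
            continue
        ts = rec.get("timestamp")
        if ts is None:
            failures.append((n, "no timestamp field"))
            continue
        if not ISO8601_RE.match(ts):
            failures.append((n, f"not ISO8601: {ts!r}"))
            continue
        dt = parse_iso8601(ts)
        if dt is None:
            failures.append((n, f"unparseable: {ts!r}"))
            continue
        parsed.append((rec.get("event_type"), dt))
    return parsed, failures


if __name__ == "__main__":
    ok, bad = check_eve_timestamps(SAMPLE_EVE_LINES)
    for et, dt in ok:
        # Show the UTC instant too: a wrong offset moves the event in time
        # rather than dropping it, which is easy to miss in a dashboard.
        print(f"ok    {et:<8} {dt.isoformat()}  utc={dt.astimezone(timezone.utc).isoformat()}")
    for n, why in bad:
        print(f"FAIL  line {n}: {why}")
```

Run it against a real `eve.json` by replacing `SAMPLE_EVE_LINES` with the file's lines; any `FAIL` entry is a record the date filter in the quoted config would not be able to date from the `timestamp` field.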