[Oisf-users] Suricata with ELK Stack

Daniel daniel at linux-nerd.de
Fri Feb 3 22:28:11 UTC 2017


Hi there,

Today I updated Suricata on my pfSense to version 3.1.x.
After checking my logs (ELK Stack) I saw something which does not fit.

For example pfSense detects some Alerts: See Picture: 


My ELK has really, really few loggings in my dashboard, and it does not detect this as an alert, for example:



Can someone explain to me what happened? Do I need to adjust my grok pattern in Logstash, or does anyone have other ideas?

I am totally confused :-(

Cheers

Daniel