Marc Smeets

Results 74 comments of Marc Smeets

Would be a great addition. Really love that functionality if it's GUI clickable in Kibana. I believe @xychix has done something internally with jupyter notebooks.

The question is *what* do we check and compare to the blacklist. Right now, RedELK has no config option or no automated way for knowing the certificate used in the...

After discussion with @fastlorenzo we are moving this out of the beta6 milestone, lower prio.

Thanks for bringing this up. I need to investigate this, as this previously did not show up as an issue, nor on our own installations.

Thank you Sunny, once again!

@Matthijsy Hey I think we're missing the addition to the config.json file. Could you please check? After that it should be good for merging.

You are right. Thank you for the PR! Merging now.

Never heard of it. But sure would be cool. Does it do (sufficient) logging? It has my preference to give priority to #63 and #23 and #22.

Interesting idea. So if I understand you correctly you would like to have the logs from Suricata ingested and accessible via the Kibana interface of RedELK? I have no recent...

At first glance, logging by PoshC2 seems somewhat similar to that of Cobalt Strike. So this should not be a lot of work. Generically speaking I expect the following things...