Marc Smeets
> The summary dashboard shows sliver sessions however there is a discrepancy since logs that are present _only_ on the c2 server are logged as a separate "host". The actual...
> @whitecod yes, I used the files from this merge request. They should also contain the changes that you had pushed last week. > > It might be possible to...
> @MarcOverIP From my side the `agent.name` should be removed from the `host.name` field otherwise the MR is good to be merged. > Not sure what you exactly mean. Overall,...
@alcastronic @whitecod, do we still think this makes sense when the C2 framework has no implant logs available to ingest and show?
> @MarcOverIP For completeness I would like to see commands run on the server itself for auditing purposes (e.g. enabling listeners, creating implant profiles or adding operators). I tried to...
Valid point. We should move to the new Community Edition. You agree @fastlorenzo? On a high level this should not be too hard I believe: just use the new docker...
Any help we can provide you on this?
Got you served here: https://github.com/outflanknl/RedELK/blob/master/example-data-and-configs/ExampleData/redira1_access-redelk.log
Looking good at first glance! I'll do some testing and let you know.
I was under the impression that this was happening correctly. If traffic is not meant for the c2 server it is sent to backend `decoy`. If traffic is meant for...