
🐞💿 No data in Hunting Dashboard

Open whale-withme opened this issue 9 months ago • 4 comments

Is there an existing issue for this?

  • [x] I have searched the existing issues

Current Behavior

Hi, all. I installed SELKS via the Docker ISO, but I can't see any data about traffic, alerts or charts. I want to know under which dir I can see this info. Then, I want to ask whether a REST API for alerts exists, because I only see ruleset under https://<SELKSIP>/rest . I need this API. Thanks very much!

Expected Behavior

No response

Steps To Reproduce

No response

Anything else?

No response

whale-withme avatar Mar 10 '25 06:03 whale-withme

Did you run the first time set up routine ? https://github.com/StamusNetworks/SELKS/wiki/Docker-ISO-setup#first-time-setup

pevma avatar Mar 11 '25 15:03 pevma

@pevma Yes, I tried. I used tppdummy0 as the sniffing interface but I can't see data. Should I use a real interface? And I also want to know how to get the SELKS API for traffic alerts; I only found ruleset. Thanks.

whale-withme avatar Mar 12 '25 06:03 whale-withme

@pevma I want to know: if I follow the setup, will SELKS start alerting automatically? The command typed is below.

sudo -s

cd /opt/selksd/SELKS/docker/ && \
./easy-setup.sh --non-interactive --no-pull-containers -i tppdummy0 \
--iA --restart-mode always --es-memory 8G && \
docker-compose up -d 

whale-withme avatar Mar 12 '25 06:03 whale-withme

Yes - with that command above it will automatically start the dockers at boot. A reason for not seeing traffic or data can be that there is nothing being replayed on the interface. If you replay traffic on the interface you should see events coming in.

pevma avatar Mar 12 '25 13:03 pevma
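
The diagnosis in the last comment (nothing is arriving on the sniffing interface) can be confirmed on the host by watching the kernel's receive counter for that interface. This is an added example, not part of the thread or SELKS's own tooling; the function names and the `SYSFS_NET` override are hypothetical, and it assumes a Linux host where `/sys/class/net/<iface>/statistics/rx_packets` is available.

```shell
# Added example: does the sniffing interface actually receive packets?
# SYSFS_NET is an assumed override so the check can be pointed at a constructed tree.
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"

# Print the kernel's received-packet counter for interface $1.
rx_packets() {
    cat "$SYSFS_NET/$1/statistics/rx_packets"
}

# check_iface_traffic IFACE [SECONDS]
# Returns 0 if rx_packets grew during the window, 1 if it stayed flat,
# 2 if the interface does not exist.
check_iface_traffic() {
    local iface="$1" window="${2:-5}" before after state
    if [ ! -r "$SYSFS_NET/$iface/statistics/rx_packets" ]; then
        echo "$iface: no such interface under $SYSFS_NET" >&2
        return 2
    fi
    # Dummy interfaces commonly report "unknown" here, so this is informational only.
    state="$(cat "$SYSFS_NET/$iface/operstate" 2>/dev/null || echo unknown)"
    before="$(rx_packets "$iface")"
    sleep "$window"
    after="$(rx_packets "$iface")"
    echo "$iface: operstate=$state rx_packets $before -> $after over ${window}s"
    if [ "$after" -gt "$before" ]; then
        return 0
    fi
    echo "$iface: nothing received in ${window}s; no traffic is reaching the sensor" >&2
    return 1
}

# Usage on the SELKS host, with the interface name from the thread:
#   check_iface_traffic tppdummy0 5
```

A return code of 1 on `tppdummy0` matches the situation described above: the containers are running, but no packets are being replayed or mirrored onto the interface they sniff.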