ipworkx

Results 18 comments of ipworkx

The hunt screen with alerts seems to show alerts. So that's fine, although the dashboard itself does not show anything. Item signatures is also fine. Hope this might give you...

Could it be that scirius is looking for a host field in the alert index? The original host field is now called fields.host due to filebeat and logstash doesn't want...

By the way, the rule activities are working fine. I even looked at the scirius/elastic query files (/var/log/scirius/elasticsearch.log) and did see the actual query working.

Hi, I looked a little further and found out it is fetching data, but it just doesn't show up. On the other hand, in the debug it shows the text...

Do you perhaps have another Debian package of the latest scirius version? The packages that are available are just two. This one which works with python 3.7 and the old...

Elastic is version 7.12. I installed version 3.5 with the same results. It must be a thing with Elasticsearch. Version 7.11 was fine.