Peter Manev
It seems incomplete - can you tail the last 200 lines please?
So that here is really the issue it seems - `was created with version [5.6.16] but the minimum compatible version is [6.0.0-beta1]. It should be re-indexed in Elasticsearch 6.x before`...
If you have a lot of data it is normal it takes some time to initialize - it is a normal process. SELKS in general needs minimum 8GB to spin...
Ok so it is not the data most likely. What is the sizing of the VM?
Could be too much data stored for 4GB and that's why it might be taking a bit too long?
You might find this useful in the docs - https://github.com/StamusNetworks/SELKS/wiki/Kibana-did-not-load-properly
Yes sure, you can ship anything you like into ES.
You need to add a CD to your VM template/config I think.
You can either just download and install it - https://github.com/StamusNetworks/SELKS/wiki/First-time-setup or build your own custom one - https://github.com/StamusNetworks/SELKS/wiki/Customizing-SELKS
Aha - then I think you should basically be able to use that - https://github.com/StamusNetworks/SELKS/blob/master/staging/config/hooks/live/chroot-inside-Debian-Live.hook.chroot but need to clone the github repo and use all the configs from there.