Peter Manev
You can do that, yeah. If you need to do a manual modification, please make sure you back up the configs first and test on a QA/test system :)
Sure - we have a test upgrade script procedure in progress for SELKS to bring in with the new Scirius/ELK version... which we will be releasing very shortly for feedback...
That is a good idea, it seems!
Can you try the latest source now? There were quite some new updates.
Hi, Thanks for trying it out! Do you have data in the eve.json for the same period?
Is the Scirius timezone correct as well?
Any relevant errs in the logs (Scirius/ES/Logstash)?
I can't reproduce this - but have seen it before. Can you reproduce this every time? Does data get populated in any other dashboards (Kibana if you have them for...
@lukelee1987 - are you using 3.0.1 latest Scirius? Also do you have `"event_type":"alert"` events in `/var/log/suricata/eve.json`?
Is that standalone Scirius or part of SELKS?