Peter Manev
Unselect "use elasticsearch" - so you only leave the "custom" option? Any luck? (plus clear browser cache just in case)
Can you share your full local_settings? (privately if you want to) Those are the only changes we make to have it working for ELK6 - https://github.com/StamusNetworks/SELKS/blob/SELKS5-WIP/staging/config/hooks/live/chroot-inside-Debian-Live.hook.chroot#L115
Think you would need to adjust the address of the elasticsearch in local_settings as well, did you do that?
What does your `local_settings.py` look like?
What does your local_settings.py look like? Inside you should probably set the hostname/es variables correctly if not already done. Something similar to - https://github.com/StamusNetworks/SELKS/issues/201#issuecomment-538728806 depending if ES is local...
Ok - let us know how it goes!
The ES address is reachable from Scirius?
Can you try with `ELASTICSEARCH_LOGSTASH_ALERT_INDEX = "suricata-alert-*"` then restart Scirius/Kibana?
Is this still an issue? If you check in Kibana, do you have events populated?
Does anything happen if you clear the full browser cache on Chrome/FF? For IE I know it could be tricky.