Peter Manev
Glad to hear it works. I think this routine below should be good for the next time an upgrade is needed: ``` git pull docker-compose pull docker-compose stop docker-compose up...
Hi @JoppeOostenrijk, sorry I missed that. Can you please share the contents of the threshold file? You can do that from the docker running directory, via: ```...
Yes, thank you. Do those seem like the suppressions you made? Are they not suppressing everything from src_ip `192.168.1.179`, let's say?
OK, so basically, if I understand correctly, you are receiving alerts from the IP/Networks above for those specific signatures - 2008983, 2030137. It seems like a suppression bug...
OK. Did you also do the `Ruleset actions` (`Suricata` tab in management) - select all actions/apply? After a suppression or any rule adjustment change you need to update/push those. (apologies...
It may be the ES is not up yet after restart - what about if you retry? > -- > Regards, > Peter Manev > On 11 Jun 2021,...
I meant retry/rerun the first time setup. > -- > Regards, > Peter Manev > On 11 Jun 2021, at 23:37, Akram96dz ***@***.***> wrote: > > > It may...
Seems the problem is ES not starting maybe. Do you have enough resources budgeted on the machine? (CPU/MEM etc. as per the recommendations)
Some more info could be found here for the first time setup - https://github.com/StamusNetworks/SELKS/wiki/First-time-setup In general - 2 CPUs 8GB RAM minimum > -- > Regards, > Peter Manev >...
What are the last log entries in `/var/log/suricata/suricata.log`?