JPCERTCC / SysmonSearch

Investigate suspicious activity by visualizing Sysmon's event log

SysmonSearch not appearing in Kibana #3

Closed fawz24 closed 4 years ago

fawz24 commented 6 years ago

I installed ElasticSearch-6.4.2, Kibana-6.4.2 and SysmonSearch on Ubuntu 18.04. According to the following wiki install steps

https://github.com/JPCERTCC/SysmonSearch/wiki/how-to-install#kibana-setup

SysmonSearch should be visible on the left menu. Unfortunately it is not.

How can this be fixed?

S03D4-164 commented 4 years ago

We are sorry. There was a mistake in step 11 on the wiki.

(wrong)
$ cp -r sysmon_search_plugin/ $KIBANA_HOME/plugin/

(correct)
$ cp -r sysmon_search_plugin/ $KIBANA_HOME/plugins/

Please copy sysmon_search_plugin into $KIBANA_HOME/plugins with the "s" at the end, NOT $KIBANA_HOME/plugin.