pevma
commented
5 years ago On Mon, Nov 26, 2018 at 5:02 PM freetime27 notifications@github.com wrote:
Realice la instalacion de Selks en virtual box con 4 gb de ram 40 gb de disco rigido 2 ´procesadores. termine la instalacion entro a la pagina https://10.0.0.34/rules sin problemas. inicio secion pero suricana esta en rojo. no inicia. intente seguir los pasos de la guia e ir reconfigurando todo pero sigue igual.
Hi,
My spanish is not that good - couple of suggestions :
- Have a look /var/log/suricata/suricata.log for any leads or errors why Suricata is not starting. I am assuming you have set up the interface for sniffing using the set up script?
-
Use 6GRAM
Thank you
root@SELKS:~# systemctl status suricata elasticsearch logstash kibana
evebox && \
supervisorctl status scirius ● suricata.service - LSB: Next Generation IDS/IPS Loaded: loaded (/etc/init.d/suricata; generated; vendor preset: enabled) Active: active (exited) since Mon 2018-11-26 10:31:57 EST; 26min ago Docs: man:systemd-sysv-generator(8) Process: 522 ExecStart=/etc/init.d/suricata start (code=exited, status=0/SUC Tasks: 0 (limit: 4915) CGroup: /system.slice/suricata.service
Nov 26 10:31:57 SELKS systemd[1]: Starting LSB: Next Generation IDS/IPS... Nov 26 10:31:57 SELKS suricata[522]: Starting suricata in IDS (af-packet) mode Nov 26 10:31:57 SELKS systemd[1]: Started LSB: Next Generation IDS/IPS.
● elasticsearch.service - Elasticsearch Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled; ven Active: active (running) since Mon 2018-11-26 10:31:57 EST; 26min ago Docs: http://www.elastic.co Main PID: 521 (java) Tasks: 53 (limit: 4915) CGroup: /system.slice/elasticsearch.service ├─521 /usr/bin/java -Xms1g -Xmx1g -XX:+UseConcMarkSweepGC -XX:CMSIn └─738 /usr/share/elasticsearch/modules/x-pack-ml/platform/linux-x86
Nov 26 10:31:57 SELKS systemd[1]: Started Elasticsearch.
● logstash.service - logstash Loaded: loaded (/etc/systemd/system/logstash.service; enabled; vendor prese Active: active (running) since Mon 2018-11-26 10:31:55 EST; 26min ago Main PID: 286 (java) Tasks: 31 (limit: 4915) CGroup: /system.slice/logstash.service └─286 /usr/bin/java -Xms1g -Xmx1g -XX:+UseParNewGC -XX:+UseConcMark
Nov 26 10:33:27 SELKS logstash[286]: [2018-11-26T10:33:27,195][INFO ][logstash Nov 26 10:33:27 SELKS logstash[286]: [2018-11-26T10:33:27,204][INFO ][logstash Nov 26 10:33:27 SELKS logstash[286]: [2018-11-26T10:33:27,381][INFO ][logstash Nov 26 10:33:27 SELKS logstash[286]: [2018-11-26T10:33:27,382][INFO ][logstash Nov 26 10:33:28 SELKS logstash[286]: [2018-11-26T10:33:28,763][INFO ][logstash Nov 26 10:33:28 SELKS logstash[286]: [2018-11-26T10:33:28,810][INFO ][logstash Nov 26 10:33:29 SELKS logstash[286]: [2018-11-26T10:33:29,414][INFO ][logstash Nov 26 10:33:29 SELKS logstash[286]: [2018-11-26T10:33:29,582][INFO ][logstash Nov 26 10:33:29 SELKS logstash[286]: [2018-11-26T10:33:29,654][INFO ][filewatc Nov 26 10:33:30 SELKS logstash[286]: [2018-11-26T10:33:30,342][INFO ][logstash
● kibana.service - Kibana Loaded: loaded (/etc/systemd/system/kibana.service; enabled; vendor preset: Active: active (running) since Mon 2018-11-26 10:31:55 EST; 26min ago Main PID: 280 (node) Tasks: 10 (limit: 4915) CGroup: /system.slice/kibana.service └─280 /usr/share/kibana/bin/../node/bin/node --no-warnings /usr/sha
Nov 26 10:32:39 SELKS kibana[280]: {"type":"log","@timestamp https://github.com/timestamp":"2018-11-26T15:3 Nov 26 10:32:39 SELKS kibana[280]: {"type":"log","@timestamp https://github.com/timestamp":"2018-11-26T15:3 Nov 26 10:32:39 SELKS kibana[280]: {"type":"log","@timestamp https://github.com/timestamp":"2018-11-26T15:3 Nov 26 10:32:39 SELKS kibana[280]: {"type":"log","@timestamp https://github.com/timestamp":"2018-11-26T15:3 Nov 26 10:32:39 SELKS kibana[280]: {"type":"log","@timestamp https://github.com/timestamp":"2018-11-26T15:3 Nov 26 10:32:39 SELKS kibana[280]: {"type":"log","@timestamp https://github.com/timestamp":"2018-11-26T15:3 Nov 26 10:32:39 SELKS kibana[280]: {"type":"log","@timestamp https://github.com/timestamp":"2018-11-26T15:3 Nov 26 10:32:39 SELKS kibana[280]: {"type":"log","@timestamp https://github.com/timestamp":"2018-11-26T15:3 Nov 26 10:32:39 SELKS kibana[280]: {"type":"log","@timestamp https://github.com/timestamp":"2018-11-26T15:3 Nov 26 10:32:39 SELKS kibana[280]: {"type":"log","@timestamp https://github.com/timestamp":"2018-11-26T15:3
● evebox.service - EveBox Server Loaded: loaded (/lib/systemd/system/evebox.service; enabled; vendor preset: Active: active (running) since Mon 2018-11-26 10:31:55 EST; 26min ago Main PID: 281 (evebox) Tasks: 8 (limit: 4915) CGroup: /system.slice/evebox.service └─281 /usr/bin/evebox server
Nov 26 10:32:27 SELKS evebox[281]: 2018-11-26 10:32:27 (server.go:332) Nov 26 10:32:30 SELKS evebox[281]: 2018-11-26 10:32:30 (server.go:332) Nov 26 10:32:33 SELKS evebox[281]: 2018-11-26 10:32:33 (server.go:332) Nov 26 10:32:36 SELKS evebox[281]: 2018-11-26 10:32:36 (server.go:332) Nov 26 10:32:39 SELKS evebox[281]: 2018-11-26 10:32:39 (server.go:335) Nov 26 10:32:39 SELKS evebox[281]: 2018-11-26 10:32:39 (elasticsearch.go:193) Nov 26 10:32:39 SELKS evebox[281]: 2018-11-26 10:32:39 (elasticsearch.go:232) Nov 26 10:32:39 SELKS evebox[281]: 2018-11-26 10:32:39 (server.go:131) Nov 26 10:32:39 SELKS evebox[281]: 2018-11-26 10:32:39 (server.go:165) Nov 26 10:32:39 SELKS evebox[281]: 2018-11-26 10:32:39 (server.go:276) lines 58-80/80 (END)
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/StamusNetworks/SELKS/issues/145, or mute the thread https://github.com/notifications/unsubscribe-auth/ABVz3T4Da5NxNZARx7Rgm_-yOoEExOXjks5uzBCcgaJpZM4YzU_W .
-- Regards, Peter Manev
Realice la instalacion de Selks en virtual box con 4 gb de ram 40 gb de disco rigido 2 ´procesadores. termine la instalacion entro a la pagina https://10.0.0.34/rules sin problemas. inicio secion pero suricana esta en rojo. no inicia. intente seguir los pasos de la guia e ir reconfigurando todo pero sigue igual.
root@SELKS:~# systemctl status suricata elasticsearch logstash kibana evebox && \
Nov 26 10:31:57 SELKS systemd[1]: Starting LSB: Next Generation IDS/IPS... Nov 26 10:31:57 SELKS suricata[522]: Starting suricata in IDS (af-packet) mode Nov 26 10:31:57 SELKS systemd[1]: Started LSB: Next Generation IDS/IPS.
● elasticsearch.service - Elasticsearch Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled; ven Active: active (running) since Mon 2018-11-26 10:31:57 EST; 26min ago Docs: http://www.elastic.co Main PID: 521 (java) Tasks: 53 (limit: 4915) CGroup: /system.slice/elasticsearch.service ├─521 /usr/bin/java -Xms1g -Xmx1g -XX:+UseConcMarkSweepGC -XX:CMSIn └─738 /usr/share/elasticsearch/modules/x-pack-ml/platform/linux-x86
Nov 26 10:31:57 SELKS systemd[1]: Started Elasticsearch.
● logstash.service - logstash Loaded: loaded (/etc/systemd/system/logstash.service; enabled; vendor prese Active: active (running) since Mon 2018-11-26 10:31:55 EST; 26min ago Main PID: 286 (java) Tasks: 31 (limit: 4915) CGroup: /system.slice/logstash.service └─286 /usr/bin/java -Xms1g -Xmx1g -XX:+UseParNewGC -XX:+UseConcMark
Nov 26 10:33:27 SELKS logstash[286]: [2018-11-26T10:33:27,195][INFO ][logstash Nov 26 10:33:27 SELKS logstash[286]: [2018-11-26T10:33:27,204][INFO ][logstash Nov 26 10:33:27 SELKS logstash[286]: [2018-11-26T10:33:27,381][INFO ][logstash Nov 26 10:33:27 SELKS logstash[286]: [2018-11-26T10:33:27,382][INFO ][logstash Nov 26 10:33:28 SELKS logstash[286]: [2018-11-26T10:33:28,763][INFO ][logstash Nov 26 10:33:28 SELKS logstash[286]: [2018-11-26T10:33:28,810][INFO ][logstash Nov 26 10:33:29 SELKS logstash[286]: [2018-11-26T10:33:29,414][INFO ][logstash Nov 26 10:33:29 SELKS logstash[286]: [2018-11-26T10:33:29,582][INFO ][logstash Nov 26 10:33:29 SELKS logstash[286]: [2018-11-26T10:33:29,654][INFO ][filewatc Nov 26 10:33:30 SELKS logstash[286]: [2018-11-26T10:33:30,342][INFO ][logstash
● kibana.service - Kibana Loaded: loaded (/etc/systemd/system/kibana.service; enabled; vendor preset: Active: active (running) since Mon 2018-11-26 10:31:55 EST; 26min ago Main PID: 280 (node) Tasks: 10 (limit: 4915) CGroup: /system.slice/kibana.service └─280 /usr/share/kibana/bin/../node/bin/node --no-warnings /usr/sha
Nov 26 10:32:39 SELKS kibana[280]: {"type":"log","@timestamp":"2018-11-26T15:3 Nov 26 10:32:39 SELKS kibana[280]: {"type":"log","@timestamp":"2018-11-26T15:3 Nov 26 10:32:39 SELKS kibana[280]: {"type":"log","@timestamp":"2018-11-26T15:3 Nov 26 10:32:39 SELKS kibana[280]: {"type":"log","@timestamp":"2018-11-26T15:3 Nov 26 10:32:39 SELKS kibana[280]: {"type":"log","@timestamp":"2018-11-26T15:3 Nov 26 10:32:39 SELKS kibana[280]: {"type":"log","@timestamp":"2018-11-26T15:3 Nov 26 10:32:39 SELKS kibana[280]: {"type":"log","@timestamp":"2018-11-26T15:3 Nov 26 10:32:39 SELKS kibana[280]: {"type":"log","@timestamp":"2018-11-26T15:3 Nov 26 10:32:39 SELKS kibana[280]: {"type":"log","@timestamp":"2018-11-26T15:3 Nov 26 10:32:39 SELKS kibana[280]: {"type":"log","@timestamp":"2018-11-26T15:3
● evebox.service - EveBox Server Loaded: loaded (/lib/systemd/system/evebox.service; enabled; vendor preset: Active: active (running) since Mon 2018-11-26 10:31:55 EST; 26min ago Main PID: 281 (evebox) Tasks: 8 (limit: 4915) CGroup: /system.slice/evebox.service └─281 /usr/bin/evebox server
Nov 26 10:32:27 SELKS evebox[281]: 2018-11-26 10:32:27 (server.go:332)
Nov 26 10:32:30 SELKS evebox[281]: 2018-11-26 10:32:30 (server.go:332)
Nov 26 10:32:33 SELKS evebox[281]: 2018-11-26 10:32:33 (server.go:332)
Nov 26 10:32:36 SELKS evebox[281]: 2018-11-26 10:32:36 (server.go:332)
Nov 26 10:32:39 SELKS evebox[281]: 2018-11-26 10:32:39 (server.go:335)
Nov 26 10:32:39 SELKS evebox[281]: 2018-11-26 10:32:39 (elasticsearch.go:193)
Nov 26 10:32:39 SELKS evebox[281]: 2018-11-26 10:32:39 (elasticsearch.go:232)
Nov 26 10:32:39 SELKS evebox[281]: 2018-11-26 10:32:39 (server.go:131)
Nov 26 10:32:39 SELKS evebox[281]: 2018-11-26 10:32:39 (server.go:165)
Nov 26 10:32:39 SELKS evebox[281]: 2018-11-26 10:32:39 (server.go:276)
lines 58-80/80 (END)