StamusNetworks / scirius

Scirius is a web application for Suricata ruleset management and threat hunting.
GNU General Public License v3.0

Timestamp/Dates Stucked #189

Open rudresh-rdx opened 5 years ago

rudresh-rdx commented 5 years ago

Hey,

I had deployed Scirius Community Edition (Scirius CE v3.2.0), but the time has not been proper since yesterday. In the JSON file the time and date are proper, but they are not showing on the UI panel. PLEASE HELP!!

[Attached images: Eve Box, Alert, Hunt]

pevma commented 5 years ago

Can you share a json record?

rudresh-rdx commented 5 years ago

We had removed the log data, so the time changed, but real-time logs are still showing properly. These are our:

  1. JSON record (/var/log/suricata/eve.json): eve.txt
  2. Scirius error log: scirius-error.log

pevma commented 5 years ago

You may need to adjust the time zone of Scirius I think - inside the account settings - could you try that and see if any difference?

rudresh-rdx commented 5 years ago

It was previously done from the settings end (ITC-Asia Kolkata). No change.

pevma commented 5 years ago

Could you please share a full screenshot? (You can share it privately if you would like.)

rudresh-rdx commented 5 years ago

Sir,

The thing is, my real-time overall traffic is approx. 800 Mbps in/out. So the issue is that I am using an SSD for the OS, and for logs I am mounting a SATA disk. Initially, when I install, for approx. 2 hrs the logs have the proper time; after that the timestamp mismatch issue occurs.

Please let me know: is Scirius installation possible on RAID 0 or RAID 10 or not?

On Thu, Sep 5, 2019 at 7:49 PM Peter Manev notifications@github.com wrote:

Could you please share a full screenshot? (You can share it privately if you would like.)

-- R.D

pevma commented 5 years ago

Quick question - do you have the same issue if you try out the install bundled in SELKS? https://www.stamus-networks.com/open-source/

https://www.stamus-networks.com/sn-dl/selks/60c52286df9d1d250efac3f24644bd5b59bf5728d2c50bd722d8e4c9e8ce2089/SELKS-5.0-desktop.iso

Wiki:
https://github.com/StamusNetworks/SELKS/wiki

For first time setup:
https://github.com/StamusNetworks/SELKS/wiki/First-time-setup#first-time-setup