StamusNetworks / scirius

Scirius is a web application for Suricata ruleset management and threat hunting.
GNU General Public License v3.0

Suricata and SELKS: I need fast.log #211

Closed antiqued4 closed 3 years ago

antiqued4 commented 3 years ago

Hello guys, I just installed the SELKS ISO and configured Suricata, and everything is working. I throw packages from my router to the meerkat for it to analyze, and it's working. The problem is that I need to make a connection between the meerkat and my router, so that when I receive an alert, it will create a rule on my router blocking this IP. It uses the fast.log file. In the clean installation of Suricata the API works perfectly, but I need to use it with SELKS, but Suricata no longer generates the fast.log file, nor does it exist in the folder. Does anyone know why, and how to generate it? I tried to use eve.log to catch the errors but the API's wrong.

antiqued4 commented 3 years ago

At Enabled in the SELKS configuration files.
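For readers who would rather feed the blocker from Suricata's EVE JSON output (eve.json by default) than from fast.log, the following is an added example, not code from this thread or from the Scirius/SELKS project. It pulls deduplicated alert source addresses out of EVE lines; the function name, the severity threshold, the protected networks and the sample events are all assumptions constructed for illustration.

```python
import ipaddress
import json

# Constructed sample EVE lines using documentation address ranges, not real traffic.
SAMPLE_EVE = """\
{"timestamp":"2021-03-01T10:00:00+0000","event_type":"alert","src_ip":"203.0.113.7","dest_ip":"192.168.1.10","alert":{"signature_id":1000001,"signature":"Constructed rule A","severity":2}}
{"timestamp":"2021-03-01T10:00:01+0000","event_type":"flow","src_ip":"198.51.100.9","dest_ip":"192.168.1.10"}
{"timestamp":"2021-03-01T10:00:02+0000","event_type":"alert","src_ip":"192.168.1.20","dest_ip":"203.0.113.7","alert":{"signature_id":1000002,"signature":"Constructed rule B","severity":1}}
{"timestamp":"2021-03-01T10:00:03+0000","event_type":"alert","src_ip":"198.51.100.23","dest_ip":"192.168.1.10","alert":{"signature_id":1000003,"signature":"Constructed rule C","severity":3}}
{"timestamp":"2021-03-01T10:00:04+0000","event_type":"alert","src_ip":"203.0.113.7","dest_ip":"192.168.1.10","alert":{"signature_id":1000002,"signature":"Constructed rule B","severity":1}}
{"timestamp":"2021-03-01T10:00:05+0000","event_type":"alert","src_ip":"2001:db8::5","dest_ip":"2001:db8:ffff::1","alert":{"signature_id":1000004,"signature":"Constructed rule D","severity":1}}
{"timestamp":"2021-03-01T10:00:06
"""


def block_candidates(lines, max_severity=2, protected=("192.168.0.0/16",)):
    """Return [(src_ip, signature)] for alert events worth blocking.

    Severity 1 is the highest in Suricata, so events with a larger number
    than max_severity are skipped. Addresses inside `protected` (your own
    networks, assumed here) are never returned, so the router cannot be
    told to block an internal host.
    """
    nets = [ipaddress.ip_network(n) for n in protected]
    seen, result = set(), []
    for line in lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # blank, corrupt or still-being-written line
        if not isinstance(event, dict) or event.get("event_type") != "alert":
            continue  # flow, dns, stats ... records share the same file
        alert = event.get("alert") or {}
        if alert.get("severity", 255) > max_severity:
            continue
        try:
            ip = ipaddress.ip_address(event.get("src_ip", ""))
        except ValueError:
            continue
        if ip in seen or any(ip in net for net in nets):
            continue
        seen.add(ip)
        result.append((str(ip), alert.get("signature", "")))
    return result


if __name__ == "__main__":
    for ip, sig in block_candidates(SAMPLE_EVE.splitlines()):
        print(ip, sig)
```

`src_ip` is the source of the packet that matched, which for rules that fire on a server's response is your own host; the `protected` list is what keeps those addresses off the router's block list.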