StamusNetworks / scirius

Scirius is a web application for Suricata ruleset management and threat hunting.
GNU General Public License v3.0

Scirius Support for Elasticsearch/Kibana auth #224

Open ulysse31 opened 3 years ago

ulysse31 commented 3 years ago

Hello,

I've searched the entire Scirius online documentation and was unable to find a way to do Elasticsearch/Kibana authentication in the Scirius config. Did I miss something? This is almost mandatory if we want to offload Elasticsearch/Kibana from the Suricata machine. Thanks a lot for your help.

-- Ulysse31

pevma commented 3 years ago

This should be good in the next Scirius release. We actually have a test package; would you be willing to try/test it out?

ulysse31 commented 3 years ago

Hi,

Sorry for the late reply, and yes! I would be really happy to try it out! Is there a Debian package somewhere for this version? Where can I find it?

Thanks a lot.

Cheers,

pevma commented 3 years ago

@ulysse31 - sorry for the late response.
Please test in a test/qa setup first.

To get the latest version:

1 - Make sure you enable the SELKS testing repo (3rd line)

```
cat /etc/apt/sources.list.d/selks6.list

deb http://packages.stamus-networks.com/selks6/debian/ buster main
deb http://packages.stamus-networks.com/selks6/debian-kernel/ buster main
deb http://packages.stamus-networks.com/selks6/debian-test/ buster main
```

2 -

```
apt-get update && apt-get install python3-distutils python3-daemon gunicorn3 python3-gunicorn python3-lockfile python3-setuptools python3-lib2to3
```

3 -

```
apt install scirius
```