TravisFSmith / SweetSecurity

Network Security Monitoring on Raspberry Pi type devices
Apache License 2.0

Suggestions/Tips on Installation on Two Pis and Best Critical Stack Feeds #40

Open unitelife opened 6 years ago

unitelife commented 6 years ago

Hello Travis,

Awesome work on kick starting this initiative.

I had a couple of questions. After reading your install guide and watching your B-Sides demo, you mentioned the limitations of the Raspberry Pi. One of the limitations is the 1 GB of RAM.

1) Since the install requires 2 GB total and you recommended splitting the install into two separate Pis (which you have nicely provided in your script), I am assuming you mean to install the "Sensor Only" server on one Pi and the "Web Server Only" server on another. Are there further configurations required to get the two of them to communicate with each other in order to feed the sensor data to the Kibana web server to create the beautiful diagrams, etc.?

2) What Critical Stack feeds do you recommend using in conjunction with our Bro IDS?

Thank you for all you do.

Sincerely,

unitelife

jouellnyc commented 5 years ago

FWIW -

I split off just the sensor on the Pi (option #) and the other ELK pieces on another box. That's the only way I got it to install.

I first tried ALL Critical Stack IOCs - it was too much. Currently its site is having issues. I was only able to install w/o Critical Stack.

I intend to try again....

HTH