majst01
commented
4 years ago a nice writeup to setup elk for suricata is here: https://www.howtoforge.com/tutorial/suricata-with-elk-and-web-front-ends-on-ubuntu-bionic-beaver-1804-lts/
Open majst01 opened 4 years ago
majst01
commented
4 years ago a nice writeup to setup elk for suricata is here: https://www.howtoforge.com/tutorial/suricata-with-elk-and-web-front-ends-on-ubuntu-bionic-beaver-1804-lts/
majst01
commented
4 years ago I think we should go with https://github.com/jasonish/evebox single binary, no external dependencies comes with simple web ui
majst01
commented
3 years ago Also zeek.org seems at least interesting for network packet logging
On cool tool already exists: https://github.com/DCSO/fever integrate that !