philhagen
commented
2 years ago Elastalert is already installed, but SigmaUI is not on our roadmap at this time.
Closed FrancescoFaenzi closed 2 years ago
philhagen
commented
2 years ago Elastalert is already installed, but SigmaUI is not on our roadmap at this time.
FrancescoFaenzi
commented
2 years ago Wow thank you. Can't find Elastalert in Kibana console. Where is it installed?
philhagen
commented
2 years ago I don't believe there is a Kibana component for that - we installed it for another SANS course to use and it seemed to meet their requirements but I personally have not worked closely with that package
FrancescoFaenzi
commented
2 years ago Is it anyway installed in the latest here http://for572.com/sof-elk-vm? We'll look for it!
Hello we are having issues installing SigmaUI (https://github.com/socprime/SigmaUI) and Elastalert (https://github.com/Yelp/elastalert) with SOF-ELK. The goal is to run SIGMA rules on historical logs uploaded in SOF-ELK. Any clue / any experience?