Is there anything under the “Events” tab? How are you adding your Suricata events to Elasticsearch?
The Events tab on EveBox shows nothing.
I tried to create a Fleet Server and set my server IP,
and I got this error.
Before, I could create it, but after I uninstalled it I can’t create it anymore.
When I created it, I set the agent as Suricata, but I don’t get any logs from Suricata.
Am I doing it the wrong way or not, sir?
Can you guide me on the right way to add Suricata events to Elasticsearch, please?
I have already configured Elastic and Suricata, sir, but EveBox still can’t get logs from Elastic.
I just added the Elastic Agent for Suricata. Now I can view logs in Elastic, but when I configure EveBox it still does not get logs.
Why is it not getting logs, sir?
How are you currently sending Suricata events to Elasticsearch?