This repository has been archived by the owner on Apr 16, 2021. It is now read-only.

Kibana dashboard for Snort performance #467

Closed
GoogleCodeExporter opened this issue Mar 24, 2015 · 0 comments

https://groups.google.com/d/topic/security-onion/uvTqDAxsaSo/discussion

I think you could probably do the same thing with ELSA without having to install any additional software or pay for any licensing. You could either:

- configure syslog-ng on the master server to monitor /var/log/nsm/securityonion/sguild.log and then write a pattern to parse the SnortStats lines

or

- configure syslog-ng on all the sensors to monitor the snort.stats file(s) and then write a pattern for those

Then build a dashboard in ELSA to present the data.

Original issue reported on code.google.com by doug.bu...@gmail.com on 10 Jan 2014 at 11:17

@dougburks changed the title from "ELSA dashboard for Snort performance" to "Kibana dashboard for Snort performance" on Apr 11, 2017