hey everyone, i hope u all doing good, please i need your help here, well i have installed 3 VM, first one is the server where i've already install Elasticsearch and kibana, the second VM is a linux client , and the third VM is a windows client, well i've already installed winlogbeat and packetbeat in windows client and it works , i can see them sending logs on kibana, now what i want to do is installing suricata module, the question is should i install suricata in the clients VM or on the server?
I'm lost , because like if i have 10 clients, and i need to use suricata to secure my network, then i'll should install suricata module in my server ??
any ideas please !!
Any one to help me !!?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.