Hello, I have this error when I am setting up ELK servers + Suricata . [Capture]

Have a problem with my Suricata + ELK stack

stephenb (Stephen Brown) August 16, 2021, 6:16am 8

Ok so are you using the suricata filebeat module?

If so there are certain steps / configuration you need for your architecture... Look at this post by me...

It's for ngnix logs but same principles apply.. look at these 2 posts

Topic		Replies	Views
Suricata and Kibana in Ubuntu 18.04 Kibana	7	1143	July 25, 2020
Failed load Suricata Dashboard Kibana	12	1473	March 20, 2020
Filebeat suricata Beats beats-module , filebeat	10	899	June 28, 2022
Suricata module not working as expected Beats filebeat	8	2582	May 27, 2019
Filebeat cannot connect with Elasticsearch (ELK Stack setup for Suricata) Beats elastic-stack-security , filebeat	2	430	September 11, 2023

Elasticsearch is a trademark of Elasticsearch BV, registered in the U.S. and in other countries
Trademarks
Terms
Privacy
Brand
Code of Conduct

Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.

Have a problem with my Suricata + ELK stack

Related topics