Project

General

Profile

Actions
Copy link

Support #3704

closed

Suricata alerts don't show up in Prelude-SIEM

Added by Little Yu over 4 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Community Ticket
Affected Versions:
Label:

Description

Hello,

I've been trying for the past week to configure both Suricata and Prelude but it seems like Suricata alerts don't show up in Prelude even though I've added it to prelude and the alerts show up in fast.log normally.

Can you help me ?

Thanks

Actions
Copy link
 #1

Updated by Victor Julien over 4 years ago

  • Tracker changed from Bug to Support
  • Assignee set to Community Ticket
  • Priority changed from Immediate to Normal
Actions
Copy link
 #2

Updated by Andreas Herz over 4 years ago

Can you share more details about your setup/configuration?

Actions
Copy link
 #3

Updated by Thomas Andrejak over 4 years ago

Hello

We need these information:
  • Linux Distribution
  • Version of Prelude ? With packets ?
  • Version of suricata ? With packets ?
  • Triggered rules that should shows up in Prelude ?

You can download a prepared iso with Prelude and Suricata included here: https://www.prelude-siem.org/pkg/prelude_va/prelude-oss-v5.1.0.iso

Regards

Actions
Copy link
 #4

Updated by Little Yu over 4 years ago

Andreas Herz wrote in #note-2:

Can you share more details about your setup/configuration?

Hi, thanks a lot for your answer but I've finally resolved it. I don't know what the problem was as all I did was deleted everything and install it again with the same setup/config.

Thanks again!

Actions
Copy link
 #5

Updated by Victor Julien over 4 years ago

  • Status changed from New to Closed
Actions
Copy link

Also available in: Atom PDF