SELKS/Suricata output to another probe or SOC #464

Open
1 task done
michal25 opened this issue May 29, 2024 · 1 comment

Comments

@michal25

Is there an existing feature request that has already been created?

  • I have searched the existing feature requests

Is your feature request related to a problem? Please describe.

My question is.
Is it possible to forward SELKS/Suricata output to another probe or SOC?

The destination probe will mark the data as Probe1, Probe2, etc.

Search engines find issues with the answer yes, but no text about HOW.
For example, Snort / Barnyard had this possibility and it was very useful.

Describe the solution you would like?

A URL to a manual on how to use the options in the suricata.yaml configuration file.

Alternative Solutions

No response

Additional Context

No response

@michal25 michal25 changed the title ✨✨ <SELKS/Suricata output to another probe or SOC> SELKS/Suricata output to another probe or SOC May 29, 2024
@pevma
Member

pevma commented May 30, 2024

Yes, you can do that on any Suricata install - just use Filebeat, for example, to forward the logs.
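
One way to apply the Filebeat suggestion above, as an added example that is not part of the original comment or the SELKS project's own configuration: a `filebeat.yml` on the probe that reads Suricata's EVE JSON log, labels every event with the probe name, and ships it to a central collector over mutually authenticated TLS. The log path, the `probe` field name, the collector hostname and the certificate paths are assumptions to adapt to the actual install.

```yaml
# filebeat.yml on the sending probe (added example; values marked
# "assumption" are placeholders, not taken from the issue).

filebeat.inputs:
  - type: filestream
    id: suricata-eve                  # unique id required for filestream inputs
    paths:
      - /var/log/suricata/eve.json    # assumption: default Suricata EVE path;
                                      # a containerised install may mount it elsewhere
    parsers:
      - ndjson:
          target: ""                  # decode each JSON line into the event root
          add_error_key: true         # flag lines that fail to parse instead of
                                      # silently dropping them
    fields:
      probe: Probe1                   # assumption: field name; set Probe2, Probe3,
                                      # ... on the other sensors
    fields_under_root: true           # emit "probe" as a top-level field

# Send to a Logstash (Beats input) listener at the SOC.
output.logstash:
  hosts: ["soc-collector.example.internal:5044"]          # assumption: placeholder host
  # EVE records carry internal addresses, hostnames and payload excerpts,
  # so encrypt the transport and authenticate both ends.
  ssl.certificate_authorities: ["/etc/filebeat/ca.crt"]   # CA that signed the collector cert
  ssl.certificate: "/etc/filebeat/probe1.crt"             # client cert identifying this probe
  ssl.key: "/etc/filebeat/probe1.key"
```

Because the `probe` value is set by the sender, the collector should also check the client certificate identity if the label is used to attribute alerts to a sensor.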
