Config files
Peter Manev edited this page Aug 10, 2016 · 25 revisions
SELKS uses the following Suricata config files, directories and locations:
- Generic build parameters:
  - Installation prefix: /usr
  - Configuration directory: /etc/suricata/
  - Log directory: /var/log/suricata/
  - --prefix /usr --sysconfdir /etc --localstatedir /var
Suricata is compiled on SELKS with the following configure line:
```
./configure --prefix=/usr/ --sysconfdir=/etc/ --localstatedir=/var/ \
  --enable-nfqueue --enable-non-bundled-htp --disable-gccmarch-native \
  --enable-geoip --enable-gccprotect \
  --with-libnss-libraries=/usr/lib --with-libnss-includes=/usr/include/nss/ \
  --with-libnspr-libraries=/usr/lib --with-libnspr-includes=/usr/include/nspr \
  --enable-luajit
```
SELKS makes use of the following Elasticsearch config files:

```
/etc/elasticsearch/elasticsearch.yml
/etc/elasticsearch/logging.yml
/etc/default/elasticsearch
```
SELKS makes use of the following Logstash config files:

```
/etc/logstash/conf.d/logstash.conf
/etc/default/logstash
```
If you have changed any of these configs and would like to reset them to the default configuration that SELKS uses, read on. Below are the SELKS default distribution config files that you can use to restore them:

```
/opt/selks/Scripts/Configs/Logstash/
/opt/selks/Scripts/Configs/Logstash/etc/
/opt/selks/Scripts/Configs/Logstash/etc/logstash/
/opt/selks/Scripts/Configs/Logstash/etc/logstash/conf.d/
/opt/selks/Scripts/Configs/Logstash/etc/logstash/conf.d/logstash.conf
/opt/selks/Scripts/Configs/Elasticsearch/
/opt/selks/Scripts/Configs/Elasticsearch/etc/
/opt/selks/Scripts/Configs/Elasticsearch/etc/elasticsearch/
/opt/selks/Scripts/Configs/Elasticsearch/etc/elasticsearch/elasticsearch.yml
/opt/selks/Scripts/Configs/Conky/
/opt/selks/Scripts/Configs/Conky/etc/
/opt/selks/Scripts/Configs/Conky/etc/conky/
/opt/selks/Scripts/Configs/Conky/etc/conky/conky.conf
/opt/selks/Scripts/Configs/Logrotate/
/opt/selks/Scripts/Configs/Logrotate/etc/
/opt/selks/Scripts/Configs/Logrotate/etc/logrotate.d/
/opt/selks/Scripts/Configs/Logrotate/etc/logrotate.d/suricata
```
These files are part of the selks-scripts-stamus Debian package that is installed by default on SELKS.
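
One way to review and reset drifted configs from that defaults tree, as an added example that is not part of SELKS or the selks-scripts-stamus package. It assumes each component directory mirrors the filesystem root, as the listed paths suggest; the function names and the `BACKUP_ROOT` location are hypothetical.

```shell
#!/bin/sh
# Added example, not SELKS code. Assumes <component>/etc/... under
# DEFAULTS_ROOT maps onto /etc/... on the live system.
DEFAULTS_ROOT="${DEFAULTS_ROOT:-/opt/selks/Scripts/Configs}"
TARGET_ROOT="${TARGET_ROOT:-}"   # empty = real root; set to a scratch dir to rehearse
BACKUP_ROOT="${BACKUP_ROOT:-/var/backups/selks-configs}"   # hypothetical location

# Print "STATUS<TAB>default-file<TAB>live-file" for every shipped default.
# STATUS is SAME, CHANGED or MISSING.
selks_config_drift() (
    for comp in "$DEFAULTS_ROOT"/*/; do
        comp="${comp%/}"
        [ -d "$comp" ] || continue
        find "$comp" -type f | while IFS= read -r def; do
            rel="${def#"$comp"/}"
            live="$TARGET_ROOT/$rel"
            if [ ! -e "$live" ]; then status=MISSING
            elif cmp -s "$def" "$live"; then status=SAME
            else status=CHANGED
            fi
            printf '%s\t%s\t%s\n' "$status" "$def" "$live"
        done
    done
)

# Copy the default over every CHANGED or MISSING file. The previous live file
# is saved under BACKUP_ROOT/<timestamp>/, not beside the original: Logstash
# and logrotate read their conf.d / logrotate.d directories wholesale, so a
# stray backup copy there would be loaded as configuration.
selks_config_restore() (
    stamp="$(date +%Y%m%d%H%M%S)"
    tab="$(printf '\t')"
    selks_config_drift | while IFS="$tab" read -r status def live; do
        [ "$status" = SAME ] && continue
        if [ -e "$live" ]; then
            bak="$BACKUP_ROOT/$stamp/${live#"$TARGET_ROOT"/}"
            mkdir -p "$(dirname "$bak")" && cp -p "$live" "$bak" || exit 1
        fi
        mkdir -p "$(dirname "$live")" && cp "$def" "$live" || exit 1
        printf 'RESTORED\t%s\n' "$live"
    done
)

# Usage: run selks_config_drift to review differences first, then
# selks_config_restore (as root) to reset them.
```

Reviewing the drift report before restoring also shows which files were modified locally, which is useful when the change was not one you made yourself.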