Hi folks! SELKS is great stuff. Read the manual. ;) https://jasonish-suricata.readthedocs.io/en/latest/ You can suppress alerts via web interface (and maybe desktop), but there are some limitations: 1. A suppress rule allows filterin either by source address OR by target address. 2. You can not import a bulk of suppress rules into a fresh installation. The […]
HINTS: https://github.com/StamusNetworks/SELKS/wiki/SELKS-5.0-RC1/_edit#kibana-dashboards Login as selks-user with password selks-user. $ sudo su – # passwd selks-user # passwd root If you are using version 5.0 RC1 open /etc/scirius/local_settings.py and change KIBANA_DASHBOARDS_PATH = “/opt/selks/kibana6-dashboards/” to KIBANA6_DASHBOARDS_PATH = “/opt/selks/kibana6-dashboards/”. then run (as root) cd /usr/share/python/scirius/ && . bin/activate && python bin/manage.py kibana_reset && deactivate You will not find […]
There are no scripts in /opt/selks/Scripts/Setup/. You will find them in /usr/bin. Update your construction via # selks-upgrade_stamus Do not configure stuff manually during update process!
bytes and bones 