Skip to content

TripleConsult/suricata_grafana_dashboard

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
IDS-IPS-Grafana.png
IDS-IPS-Grafana.png
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 
dashboard.json
dashboard.json
 
 

Repository files navigation

IDS / IPS Dashboard

this is a dashboard that visualizes suricata entries

Require

suricata
elasticsearch <7.xx
filebeat <7.xx
grafana 7.xx/8.xx

Configure

filebeat:

# ---------------------------- Elasticsearch Output ----------------------------
output.elasticsearch:
  # Array of hosts to connect to.
  hosts: ["yourhostip:port"]
  # index: "filebeat-suricata"
  # Protocol - either `http` (default) or `https`.
  #protocol: "https"

  # Authentication credentials - either API key or username/password.
  #api_key: "id:api_key"
  username: "elasticuser"
  password: "setsecrethere"

we use the suricata module from filebeat:

cd /etc/filebeat/modules.d
mv suricata.yml.disabled suricata.yml

screenshot

IDS-IPS

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

11 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published