Since the middle of last month, around Oct 13 (so that was the 22.7.6 timeframe, including 27.7.7_1 and continuing),
I can't see logs / alerts in the IDS Alerts tab/page. But looking at the eve.json in /var/log/suricata/eve.json, there is data there. At first it wasn't creating logs, so I deleted all old history and then it re-created the eve.json, and logs are now showing up there, still not in the alerts tab.
Any ideas? Anyone else have the same issue?
It's working. eve.json was only showing anomalies when I first posted; I let it run longer and any alert or drop shows in the alerts tab. Anomalies don't show up.
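
An added example, not part of the original posts: a quick check of whether eve.json holds any `alert` records at all, or only other event types such as `anomaly`, which is the situation the follow-up describes. The function names and the sample records are constructed for illustration; `event_type` and `alert.action` are the standard Suricata EVE fields.

```python
import json
import sys
from collections import Counter

# Constructed sample records in Suricata EVE JSON layout (not data from the post).
# The last line is cut short on purpose, as happens while the file is being written.
SAMPLE_EVE = [
    '{"timestamp":"2022-11-01T10:00:00+0000","event_type":"anomaly","anomaly":{"type":"applayer"}}',
    '{"timestamp":"2022-11-01T10:00:01+0000","event_type":"alert","alert":{"action":"allowed","signature_id":1000001}}',
    '{"timestamp":"2022-11-01T10:00:02+0000","event_type":"alert","alert":{"action":"blocked","signature_id":1000002}}',
    '{"timestamp":"2022-11-01T10:00:03+0000","event_type":"anomaly","anomaly":{"type":"stream"}}',
    '{"timestamp":"2022-11-01T10:00:04+0000","event_type":"al',
]

def summarize(lines):
    """Tally EVE records by event_type and alert records by alert.action."""
    by_type, actions, bad = Counter(), Counter(), 0
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            bad += 1  # partial or corrupt line: count it and move on
            continue
        if not isinstance(rec, dict):
            bad += 1
            continue
        etype = rec.get("event_type", "unknown")
        by_type[etype] += 1
        if etype == "alert":
            actions[rec.get("alert", {}).get("action", "unknown")] += 1
    return {"by_type": by_type, "alert_actions": actions, "unparsable": bad}

def diagnose(summary):
    """Say whether the file holds anything an alert view could list."""
    total = sum(summary["by_type"].values())
    alerts = summary["by_type"].get("alert", 0)
    if total == 0:
        return "no parsable records"
    if alerts == 0:
        return "records present but no alert events"
    return f"{alerts} alert events of {total} records"

if __name__ == "__main__":
    # Pass a path such as /var/log/suricata/eve.json; with no argument the sample is used.
    src = open(sys.argv[1], encoding="utf-8", errors="replace") if len(sys.argv) > 1 else SAMPLE_EVE
    result = summarize(src)
    print(dict(result["by_type"]), dict(result["alert_actions"]), result["unparsable"])
    print(diagnose(result))
```

A result of "records present but no alert events" matches the first post: the file has data, but nothing the Alerts tab lists.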