Print Page - How do you get eve.json from router to computer for evebox

Title: How do you get eve.json from router to computer for evebox
Post by: someone on October 17, 2024, 11:57:04 PM

I install evebox on the computer
Command line
evebox server -D . --datastore sqlite --input /var/log/eve.json
How do I get the eve.json file from the router
I go to localhost:5636/#/inbox and evebox is working in browser
How do I get the eve.json export feed from suricata
I know thats not the location of the eve,json file, its just example

Title: Re: How do you get eve.json from router to computer for evebox
Post by: someone on October 18, 2024, 03:37:03 AM

Reason is looking for a live feed, the alerts tab is not live,
the log files are not live, my alerts will go thru pages in a couple seconds
Would like to monitor them when they slow down
And dont want to pay elastic stack fees

Title: Re: How do you get eve.json from router to computer for evebox
Post by: someone on October 18, 2024, 04:26:23 AM

Ahh have to set up a syslog server
opnsense has a section for that in logging
going to try that out

OPNsense Forum

English Forums => General Discussion => Topic started by: someone on October 17, 2024, 11:57:04 PM