Intrusion Detection and Prevention / How can we export Suricata alerts as syslog/raw UDP?
« on: March 28, 2023, 04:47:51 pm »
I am running
OPNsense 23.1.4_1-amd64
FreeBSD 13.1-RELEASE-p7
OpenSSL 1.1.1t 7 Feb 2023
and looking for a way to stream out IDS alerts into an Elastic stack that I have running locally. At the moment, I have a syslog receiver getting other logs from OPNsense like filter and dhcp, but there are no IDS alerts in there. In the logging target setting, it is set to send all services and all levels. How can I achieve this?
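The post above asks for Suricata alerts as syslog or raw UDP. Suricata's own eve-log output can already be pointed at syslog (`filetype: syslog` in the `eve-log` section of suricata.yaml), and the OPNsense IDS settings page exposes syslog-related switches in advanced mode that are worth checking first. As an added, stand-alone illustration of what such a forwarder does, the following script is not from the forum post, from OPNsense or from the Suricata project: it tails eve.json, keeps only `event_type: alert` records, wraps each one in an RFC 5424 syslog header (facility local5, Suricata severity 1/2/3 mapped to crit/warning/notice) with the compact EVE JSON as the message body, and ships it over UDP. The path `/var/log/suricata/eve.json`, the collector address `127.0.0.1:5514`, the facility and the severity mapping are assumptions; the EVE lines embedded in it are constructed samples, not real traffic.

```python
"""Forward Suricata EVE alerts as RFC 5424 syslog over UDP.

Added example (not from the forum post, OPNsense or Suricata). Assumptions:
eve.json lives at /var/log/suricata/eve.json, the collector listens on UDP
5514, alerts are tagged with syslog facility local5.
"""
import json
import re
import socket
import time
from typing import Callable, Iterable, Iterator, Optional

EVE_PATH = "/var/log/suricata/eve.json"      # assumed OPNsense default location
TARGET = ("127.0.0.1", 5514)                  # assumed collector address
FACILITY_LOCAL5 = 21
# Suricata alert.severity: 1 = high, 2 = medium, 3 = low -> syslog severity
SEVERITY_MAP = {1: 2, 2: 4, 3: 5}             # crit, warning, notice
DEFAULT_SEVERITY = 6                          # info for anything unexpected

# Constructed sample EVE lines (not real traffic): one alert with a local test
# rule in the 1000000+ sid range, one flow event, and one broken line.
SAMPLE_EVE_LINES = [
    '{"timestamp":"2023-03-28T16:47:51.123456+0100","flow_id":1,"in_iface":"igb0",'
    '"event_type":"alert","src_ip":"198.51.100.23","src_port":44321,"dest_ip":"192.0.2.10",'
    '"dest_port":22,"proto":"TCP","alert":{"action":"allowed","gid":1,"signature_id":1000001,'
    '"rev":1,"signature":"LOCAL TEST inbound SSH","category":"Constructed test rule","severity":2}}',
    '{"timestamp":"2023-03-28T16:47:52.000000+0100","flow_id":2,"event_type":"flow",'
    '"src_ip":"192.0.2.10","dest_ip":"192.0.2.53","proto":"UDP"}',
    'this line is not JSON and must be skipped',
]

TZ_NO_COLON = re.compile(r"([+-]\d{2})(\d{2})$")


def parse_eve_line(line: str) -> Optional[dict]:
    """Return the event dict for an alert record, None for anything else."""
    try:
        event = json.loads(line)
    except ValueError:
        return None
    if not isinstance(event, dict) or event.get("event_type") != "alert":
        return None
    return event


def rfc3339_timestamp(ts: str) -> str:
    """Suricata writes '+0100'; RFC 5424 requires the '+01:00' form."""
    return TZ_NO_COLON.sub(r"\1:\2", ts)


def to_syslog(event: dict, hostname: str = "opnsense", app: str = "suricata",
              facility: int = FACILITY_LOCAL5) -> str:
    """Build one RFC 5424 message; MSG is the compact EVE JSON so the
    Elastic side can still parse every field."""
    sev = SEVERITY_MAP.get(event.get("alert", {}).get("severity"), DEFAULT_SEVERITY)
    pri = facility * 8 + sev
    ts = rfc3339_timestamp(event.get("timestamp", "-"))
    payload = json.dumps(event, separators=(",", ":"))
    # <PRI>VERSION TIMESTAMP HOST APP PROCID MSGID STRUCTURED-DATA MSG
    return f"<{pri}>1 {ts} {hostname} {app} - alert - {payload}"


def eve_from_syslog(msg: str) -> dict:
    """Receiver-side check: recover the EVE record from a message built above."""
    return json.loads(msg.split(" ", 7)[7])


def udp_sender(target=TARGET) -> Callable[[str], None]:
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    return lambda msg: sock.sendto(msg.encode("utf-8"), target)


def forward_events(lines: Iterable[str], send: Callable[[str], None]) -> int:
    """Filter alerts out of EVE lines, format and send them; return the count."""
    sent = 0
    for line in lines:
        event = parse_eve_line(line)
        if event is None:
            continue
        send(to_syslog(event))
        sent += 1
    return sent


def follow(path: str) -> Iterator[str]:
    """tail -f style generator over eve.json, yielding only new lines."""
    with open(path, "r", encoding="utf-8") as fh:
        fh.seek(0, 2)  # start at the end: ship alerts from now on
        while True:
            line = fh.readline()
            if not line:
                time.sleep(0.5)
                continue
            yield line.rstrip("\n")


if __name__ == "__main__":
    # Dry run on the constructed lines, then tail the live file if present.
    print(forward_events(SAMPLE_EVE_LINES, print), "sample alert(s) formatted")
    try:
        forward_events(follow(EVE_PATH), udp_sender())
    except FileNotFoundError:
        print(f"{EVE_PATH} not found; nothing tailed")
```

On the Elastic side the message body is plain JSON, so a `json` filter on the syslog MSG field recovers the full EVE record (signature, sid, src/dest, severity) instead of a flattened one-line alert. Keeping the facility distinct from the firewall and dhcp logs makes it trivial to route alerts to their own index.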