Good material. I am an application architect and learn a lot from this video.

Nice work!

Damn bro! Best tutorial

Hey ,, is it possible use this without logstash, i have environment from filebeat directly to elasticsearch. If possible, can you please do a video for it?? Thanks so much

Thanks for posting. I like your style/system of setting up a network. I use Proxmox and going to apply this to my system.

Hey. This video is extremely helpful. Thank you so much for making it. I followed it to the T and got everything working. However it appears there is an issue with the latest version of Java and log stash. Log stash is broken with java version 11.0.9+11. I am running the latest version of Ubuntu 18.04. Any ideas? I'd be happy to send you the logs

I love your videos. Please keep on!

Hey dude! I already have a Pfsense with a suricata installed how can i get my datas from there and put them in Dashboard ?

How does this compare to the Suricata module that can be enabled of filebeat? Helpful video, thanks!

It will be great if you can do a video for this essential step (Port Mirroring) for Cisco Meraki and Pfsense ... Thank you ! I would love to have some info for Ubiquiti Dream Machine Pro but from your videos i don't think that you have that machine .....

Great video and please keep more of these videos !!!👏👏👏👏👏

Wondering for all that kind of systems IDS, do we have just to connect it to the same switch where our network is? So just connect to a switch will work ? Or we need a firewall in front and do some configuration on it? If yes what we have to do? I like Ubiquiti Dream Machine Pro and Pfsense .... Can you please do a video for it? Thank you

hey! great video! can you make video on Kibana configuration please? Ubuntu-surikata-filebeat(?)-kibana? Is that how it works? Also, is there a way to collect logs from suricata, send them over to a main server where kibana installed and import the logs into kibana? Really need to know. Thank you!

Your awesome man this information is amazing

Like the theory but between memory leaks and overutilization of memory had the put snort back.

I have the filebeat, logstash and suricata running and I can see the traffic on the tcpdump but kibana is not populating, any suggestions? Thank you for this great content.

nice video able to do one with firewall ?

another amazin video

Brother How do I setup this same thing in a security onion, I think my security onion already has this installed by default and want to setup as yours.

Hi, how can setup ddos attack rule in suricate 4.1 version on Centos? I used default rule which was created from suricate itself. Could you plz help me for the above problem. Another query sometime I can able to see the detection and alert for our network in suricate but when I am trying to attack from remote machine to our network that’s not detecting and also not getting traffic in suricata. Suricata is running on esxi and enabled promiscuous on esxi.

Hi, I used suricata on esxi and i have enabled promiscuous on esxi vswitch and we have direct connectivity esxi with core switch which is connected on wan firewall and already configured span on core switch as input on wan interface and out filter as interface where is esxi nids connected. In some cases i am able to see the other esxi traffic on my nids which belongs from my same infra but VMs traffic (these vm is running in different esxi) is not able to see on my nids. Note:- When i am generating traffic on esxi which belongs to the same i cant see the traffic on nids but in some time i am able to see attacks on thes esxi and that is captured on nids. i dont know whats problem here Could you please help me with this.

So will it be necessary to implement winlog or auditbeats when you have this done

is all those suricata rules reflecting/mirroring on the IPTABLES conf file? For newbies like me, I would appreciate it you did waste our time,because I would want a detailed step by step on how to get all the programs to work to report back to Elastic. I'm not good in Linux and I dont know the specific commands in order to follow every step you have in this video to get in the correct directory. I mean those you did not show because you wanted to save time. Also,do all those ports needed to be port forwarded on your router or on your Windows firewall settings?

hello good afternoon, very good video to the letter I followed it. perfect.

Hello, when I run the make install-rules command I get an error to say the file is not in gzip format. How do I get around this please?

Nice video bro, Thank you

@All is there a way we can implement it on AWS somehow? But i have all servers attached to public subnets. If there is way please let me know. Thanks in advance

Great video

HEY! My dashboards are all ok except the HTTP one. It does not show any values

Hello sir, can this work in Wazuh?

hey, i wont to install and implement on Centos 7 :( Help Me. Thank you

How to get all traffic from Mikrotik Router to suricata?

hey man.very good videos.....mine is not working :(

can you port mirror on vmware workstation pro?

halo, why in my dashboard, there is no suricata log? whereas in my suricata vm has been detected the log using command "tail -f /var/log/suricata/fast.log" please respond where is the mis step that i did? i did whole step that u told. thanks.

at 23:30 why you escape number 3?

Need your help

Hi sir

@I.T Security Labs For some reason I cannot reach my kibana webpage.

Hi i m not using VMware , I m using proxmox server

I install not running

Great Content !! For some reason synlite logstash.output is getting 401 authentication error , any tip to help solve it ?