Feature #10421

suricata unix_stream support for telegraf

Added by Manuel Piovan 4 months ago. Updated 24 days ago.

Status: Resolved
Priority: Very Low
Assignee: -
Category: Suricata
Target version: -
Start date: 04/03/2020
Due date:
% Done: 0%
Estimated time:

Description

It would be nice if there were support for Telegraf under Suricata.
input.suricata needs a Unix socket to be created for listening.

Suricata needs:

    - eve-log:
        enabled: yes
        filetype: unix_stream
        filename: suricata-stats.sock
        types:
          - stats:
              threads: yes

I've made a test and it works if I manually edit the suricata.yaml.
More info: https://github.com/influxdata/telegraf/tree/master/plugins/inputs/suricata

Attachment: Immagine.jpg (80.8 KB), grafana+suricata example, Manuel Piovan, 04/03/2020 10:29 AM
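The listening side that the description refers to, sketched as an added example (not part of the original request, and not Telegraf's or the pfSense package's code): the reader creates the Unix stream socket, Suricata connects to it and writes newline-delimited EVE JSON, and only `stats` events are kept. The function names, the owner-only socket permissions and the sample lines are assumptions made for this example.

```python
import json, os, socket, stat, tempfile

def open_listener(path):
    # The reader creates the socket; Suricata (filetype: unix_stream) connects as client.
    if os.path.lexists(path):
        if not stat.S_ISSOCK(os.lstat(path).st_mode):
            raise RuntimeError(f"{path} exists and is not a socket")
        os.unlink(path)  # stale socket left by an earlier run
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    old = os.umask(0o077)  # socket file gets no group/other permission bits
    try:
        srv.bind(path)
    finally:
        os.umask(old)
    srv.listen(1)
    return srv

def read_stats(srv):
    # Accept one writer, read newline-delimited EVE JSON until it disconnects.
    conn, _ = srv.accept()
    records = []
    with conn, conn.makefile("r", encoding="utf-8", errors="replace") as stream:
        for line in stream:
            try:
                event = json.loads(line)
            except json.JSONDecodeError:
                continue  # truncated or malformed line
            stats = event.get("stats") if isinstance(event, dict) else None
            if isinstance(stats, dict) and event.get("event_type") == "stats":
                records.append(stats)
    return records

def demo():
    # Constructed EVE lines (not captured from a sensor): stats, alert, truncated.
    sample = (b'{"event_type":"stats","stats":{"threads":{"W#01-em0":{"pkts":9}}}}\n'
              b'{"event_type":"alert","alert":{"signature_id":1}}\n'
              b'{"event_type":"stats","stats":{"upt\n')
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "suricata-stats.sock")
        with open_listener(path) as srv:
            mode = stat.S_IMODE(os.lstat(path).st_mode)
            with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as cli:  # stands in for Suricata
                cli.connect(path)
                cli.sendall(sample)
            records = read_stats(srv)
    return mode, records

if __name__ == "__main__":
    print(demo())
```

If Suricata and the reader run as different users, the socket's mode or group has to be widened deliberately so that Suricata can still connect.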

History

#1 Updated by Bill Meeks 24 days ago

Support for the requested feature has been added to the latest version of the Suricata GUI package, version 5.0.3. The pull request has been merged. Details are available here: https://github.com/pfsense/FreeBSD-ports/pull/901.

This request can be marked as RESOLVED.

#2 Updated by Jim Pingle 24 days ago

  • Status changed from New to Resolved
