Feature #10421

closed

suricata unix_stream support for telegraf

Added by Manuel Piovan almost 4 years ago. Updated over 3 years ago.

Status: Resolved
Priority: Very Low
Assignee: -
Category: Suricata
Target version: -
Start date: 04/03/2020
Due date:
% Done: 0%
Estimated time:
Plus Target Version:

Description

It would be nice if there were support for Telegraf under Suricata.
input.suricata needs a Unix socket to be created for listening.

Suricata needs:

- eve-log:
    enabled: yes
    filetype: unix_stream
    filename: suricata-stats.sock
    types:
      - stats:
          threads: yes

I've made a test and it works if I manually edit the suricata.yaml.
More info: https://github.com/influxdata/telegraf/tree/master/plugins/inputs/suricata


Files

Immagine.jpg (80.8 KB) Immagine.jpg grafana+suricata example Manuel Piovan, 04/03/2020 10:29 AM
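
The listening side of the setup described in the request above, as an added example (not code from Telegraf, Suricata or the pfSense package): the consumer creates the Unix stream socket, Suricata connects to it as the writer and sends one EVE JSON object per line. The function names, the 0600 socket mode and the dotted metric naming are assumptions made for illustration.

```python
import json
import os
import socket

def flatten(obj, prefix=""):
    """Flatten nested EVE stats counters into dotted metric names."""
    out = {}
    for key, val in obj.items():
        name = f"{prefix}.{key}" if prefix else key
        if isinstance(val, dict):
            out.update(flatten(val, name))  # e.g. per-thread sub-objects
        elif isinstance(val, (int, float)) and not isinstance(val, bool):
            out[name] = val
    return out

def parse_eve_stats(line):
    """Return flattened counters for a stats record, None for anything else."""
    try:
        event = json.loads(line)
    except json.JSONDecodeError:
        return None  # malformed or truncated line: skip it, do not crash
    if not isinstance(event, dict) or event.get("event_type") != "stats":
        return None  # alerts, flows etc. are not wanted on this socket
    stats = event.get("stats")
    return flatten(stats) if isinstance(stats, dict) else None

def listen_once(path, ready=None):
    """Create the socket, accept one writer, return its parsed stats records."""
    try:
        os.unlink(path)  # remove a stale socket left by a previous run
    except FileNotFoundError:
        pass
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    old = os.umask(0o177)  # socket file is created 0600: owner only
    try:
        srv.bind(path)
    finally:
        os.umask(old)
    srv.listen(1)
    if ready:
        ready.set()  # lets a caller know the socket now exists
    conn, _ = srv.accept()
    records = []
    with conn, srv, conn.makefile("r", encoding="utf-8") as stream:
        for line in stream:  # EVE output is newline-delimited JSON
            parsed = parse_eve_stats(line)
            if parsed is not None:
                records.append(parsed)
    os.unlink(path)
    return records
```

The socket has to exist before Suricata opens its output, and the 0600 mode only works when the listener and Suricata run as the same user; widen it deliberately (for example via a shared group) if they do not.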
#1

Updated by Bill Meeks over 3 years ago

Support for the requested feature has been added to the latest version of the Suricata GUI package, version 5.0.3. The pull request has been merged. Details are available here: https://github.com/pfsense/FreeBSD-ports/pull/901.

This request can be marked as RESOLVED.

#2

Updated by Jim Pingle over 3 years ago

  • Status changed from New to Resolved