Scirius Support for Elastisearch/kibana auth

[ulysse31]

Hello,

I've search over the entire Scirius online documentation, and was unable to find a way to do elasticsearch/kibana authentication on scirius config, did I miss something ?
This is almost mandatory if we want to offload elasticsearch/kibana from the suricata machine.
Thanks a lot for your help.

--
Ulysse31

[pevma]

This should be good in the next Scirius release.We have a test package actually , would you be willing to try/test it out ?

[ulysse31]

Hi,

Sorry for the late, and yes ! I would be really happy to try it out ! is there a debian package somewhere for this version ?
Were can I find it ?

Thanks a lot.

Cheers,

[pevma]

@ulysse31 - sorry for the late response.
Please test in a test/qa setup first.

To get the latest version :
1 - make sure you enable the SELKS testing repo (3rd line)

cat /etc/apt/sources.list.d/selks6.list 

deb http://packages.stamus-networks.com/selks6/debian/ buster main
deb http://packages.stamus-networks.com/selks6/debian-kernel/ buster main
deb http://packages.stamus-networks.com/selks6/debian-test/ buster main

2-

apt-get update && apt-get  install python3-distutils python3-daemon gunicorn3 python3-gunicorn python3-lockfile  python3-setuptools python3-lib2to3

3 -

apt install scirius