Replies: 1 comment
-
|
If you are able to add a third node, then you can add a search node and you should start seeing logs. If for some reason you can only use two nodes then you can build a new deployment with a Manager Search node (instead of just a Manager) and a sensor. From https://docs.securityonion.net/en/2.4/architecture.html#distributed: |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
I have recently installed a new distributed setup for security onion, I have a manager and a sensor. On sensor I see suricata and zeek traffic from the monitoring interface, however when I go the the manager I don't see anything on the dashboard or in Kinaba.
Processes on manager
Processes on sensor
Both are in OK status.
What could I have been missing ?
Beta Was this translation helpful? Give feedback.
All reactions