Replies: 2 comments
Any ideas how I can configure that?
As mentioned at #11905: You should be able to do something similar by copying the log.id.uid field value and then searching SOC Dashboards or Hunt for it. Most folks avoid this issue altogether by simply using SOC Dashboards as their primary dashboards interface: We have no plans to update the Kibana dashboards. Is there some particular reason why you can't use SOC Dashboards? If you absolutely have a hard requirement for Kibana, you could always create your own custom Kibana dashboards.
Version
2.4.0
Installation Method
Security Onion ISO image
Description
configuration
Installation Type
Standalone
Location
on-prem with Internet access
Hardware Specs
Meets minimum requirements
CPU
20
RAM
100000
Storage for /
1000
Storage for /nsm
1000
Network Traffic Collection
span port
Network Traffic Speeds
more than 10Gbps
Status
Yes, all services on all nodes are running OK
Salt Status
Yes, there are salt failures (please provide detail below)
Logs
Yes, there are additional clues in /opt/so/log/ (please provide detail below)
Detail
Hi, does anyone know how to get the "hunt and optionally pivot to PCAP" on the 2.4 version?
This is the 2.3 version.

With the 2.4 version I see the id only, which won't click and direct to the PCAP.