Ftp.password <hidden>

[JAEP2]

Version

2.4.30

Installation Method

Network installation on Red Hat derivative like Oracle, Rocky, Alma, etc.

Description

configuration

Installation Type

Distributed

Location

on-prem with Internet access

Hardware Specs

Exceeds minimum requirements

CPU

16

RAM

32

Storage for /

8TB

Storage for /nsm

6TB

Network Traffic Collection

span port

Network Traffic Speeds

1Gbps to 10Gbps

Status

Yes, all services on all nodes are running OK

Salt Status

No, there are no failures

Logs

No, there are no additional clues

Detail

Hi, In kibana the ftp.password shows , exist anyway to see the clear passwords in dashboards? I read the zeek documentation and seems exist an option to enable clear text password but I can't find where to change this option.

Thanks in advanced, keep rock!!!

Guidelines

• I have read the above statement and can confirm my post is relevant to Security Onion 2.4.

[dougburks]

Here's the relevant documentation:
https://docs.securityonion.net/en/2.4/zeek.html#configuration
https://docs.securityonion.net/en/2.4/administration.html#configuration

Based on the documentation, I would try the following:

• go to SOC Configuration
• enable advanced settings
• navigate to Zeek --> config --> local --> redef
• apply your Zeek option on the right side
• click the SYNCHRONIZE GRID button

[JAEP2]

Hi Doug,

Works fine!! Thanks a lot