Replies: 1 comment 3 replies
-
|
You'll need to allow that host/port in the Security Onion grid. Instructions on configuring custom host and port groups can be found here: https://docs.securityonion.net/en/2.4/firewall.html#creating-a-custom-host-group-with-a-custom-port-group |
Beta Was this translation helpful? Give feedback.
-
|
Thank you for your response! However, I still haven't been successful in getting the 9001 Port to show up. Moreover, after rebooting, the system fails to start with multiple module failures such as 'so-elasticsearch.' Currently, the only option seems to be reinstalling before I can attempt anything else! Thank you. |
Beta Was this translation helpful? Give feedback.
-
|
Thank you for your explanation. We can now see the 9514 Port. So far I still can't see the LOG coming in. Use the tcpdump command to confirm that the log is sent to the so host. |
Beta Was this translation helpful? Give feedback.
-
|
|
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Version
2.4.30
Installation Method
Security Onion ISO image
Description
installation
Installation Type
Distributed
Location
airgap
Hardware Specs
Meets minimum requirements
CPU
8
RAM
16
Storage for /
350
Storage for /nsm
650
Network Traffic Collection
tap
Network Traffic Speeds
Less than 1Gbps
Status
Yes, all services on all nodes are running OK
Salt Status
Yes, there are salt failures (please provide detail below)
Logs
Yes, there are additional clues in /opt/so/log/ (please provide detail below)
Detail
How can I enable port 9514 to allow SonicWall syslog to be sent to a Security Onion 2.4.30 host for analysis? Integration settings have been configured, but the use of port 9514 is required.
Guidelines
Beta Was this translation helpful? Give feedback.
All reactions