security onion configuration for event log collection from another vms

[witekenea]

Version

2.4.30

Installation Method

Security Onion ISO image

Description

configuration

Installation Type

Distributed

Location

cloud

Hardware Specs

Meets minimum requirements

CPU

12

RAM

64

Storage for /

200

Storage for /nsm

500

Network Traffic Collection

span port

Network Traffic Speeds

Less than 1Gbps

Status

Yes, all services on all nodes are running OK

Salt Status

No, there are no failures

Logs

No, there are no additional clues

Detail

I have set up my security onion distributed version with one manager node,one sensor node and one search node. this installation is on proxmox and i have two other vms on the same proxmox which are kali linux and ubuntu server. how can i sent log from those vms to my security onion?

Guidelines

• I have read the discussion guidelines at Read before posting! #1720 and assert that I have followed the guidelines.

[cm-ops]

You could use the Elastic Agent to send logs https://docs.securityonion.net/en/2.4/elastic-agent.html

[witekenea]

did it go the same if i want to send log and traffics from another vms which are outside the seconion environment? do i just need to install elastic agent on them or i also need sensor node?