Extending this to the user list as well. Whoever needs help, can you quickly
let me know:
- What environment are you installing on (a single VM, multiple VMs, bare
metal, AWS, etc.)?
- What OS are you using?
- How many sensors are you going to be consuming?
I'll throw a meeting together once I
If we support indexing through extensions down the road we can add in
support for older versions or other back ends as well.
On October 4, 2017 at 15:47:35, James Sirota (jsir...@apache.org) wrote:
I am in favor of moving to 5.x and dropping support for 2.x. As Justin
mentioned, Elastic have
1 - It is up to you to install and configure Snort however you want. Metron simply consumes the Snort telemetry, but is not opinionated about how you set up your sensors. I would recommend starting with the community rule set: https://www.snort.org/faq/what-are-community-rules
2 - Again, this is
I am in favor of moving to 5.x and dropping support for 2.x. As Justin mentioned, Elastic have very good docs around cluster migrations and the procedure itself to upgrade from 2.x to 5.x is very simple. https://www.elastic.co/guide/en/elasticsearch/reference/current/restart-upgrade.html I don't