METRON-1216, METRON-1217
On September 28, 2017 at 15:47:39, Simon Elliston Ball ( si...@simonellistonball.com) wrote: Don't think we have a JIRA yet... I'm just thinking aloud, but if this works as a discuss, we can turn it into a JIRA. Simon On 28 Sep 2017, at 20:39, Otto Fowler <ottobackwa...@gmail.com> wrote: Simon, is there a jira for this? I would think this was a known limitation to be addressed later. On September 28, 2017 at 15:29:57, Simon Elliston Ball ( si...@simonellistonball.com) wrote: Right now, you can't. I believe we should be taking the lost of index prefixes we use in the ui from the index config via the rest api, we can pull the names from each sensor index config and use that as the prefix in the ui. That way we pickup any new index automatically. Simon On 28 Sep 2017, at 20:04, Otto Fowler <ottobackwa...@gmail.com> wrote: How would you add a new sensor in? Like squid if you were doing the tutorial? On September 28, 2017 at 14:52:11, RaghuMitra Kandikonda ( raghumitra....@gmail.com) wrote: Alerts UI shows all the records in the indexes for the following sensors 'websphere', 'snort', 'asa', 'bro', 'yaf'. It does not show records under .kibana as they are not the alerts generated by the system. Usually the index names for the sensors would have a sensor name prefix followed by timestamp Ex: snort_index_2017.09.28.18 -Raghu On Thu, Sep 28, 2017 at 11:08 PM, Laurens Vets <laur...@daemon.be> wrote: > Hello, > > I've got the Alerts UI up and running. However, I do not see any alerts. I > can see events in Kibana with "is_alert" set to "true" and with a score as > well, but they do not show up in the Alerts UI. > > How and where does the Alerts UI get actual alerts?
