I finally got a working setup of OSSEC using the ELK (Elastic, Logstash, Kibana) stack. I followed the tutorial here:

https://documentation.wazuh.com/1.1/installation.html

That got me up and running fairly quickly. I then wanted an instance of SNORT with Barnyard2 for visualization. I used the following tutorials to get that running:

https://www.vultr.com/docs/how-to-configure-snort-on-debian
https://www.vultr.com/docs/setup-barnyard-2-with-snort

So, I was up and running. I am now looking into https://securityonion.net/
