I didn't know that only the default sensors are shown. Thanks!
Which brings me to my next question :) Would editing "export let INDEXES
= ['websphere', 'snort', 'asa', 'bro', 'yaf'];" in
metron/metron-interface/metron-alerts/src/app/utils/constants.ts be
enough to add support for another sensor right now? Or do other files
need to be changed as well to support another sensor?
On 2017-09-28 11:52, RaghuMitra Kandikonda wrote:
Alerts UI shows all the records in the indexes for the following
sensors 'websphere', 'snort', 'asa', 'bro', 'yaf'. It does not show
records under .kibana as they are not the alerts generated by the
system. Usually the index names for the sensors would have a sensor
name prefix followed by a timestamp. Ex: snort_index_2017.09.28.18
-Raghu
On Thu, Sep 28, 2017 at 11:08 PM, Laurens Vets wrote:
Hello,
I've got the Alerts UI up and running. However, I do not see any
alerts. I can see events in Kibana with "is_alert" set to "true" and
with a score as well, but they do not show up in the Alerts UI.
How and where does the Alerts UI get actual alerts?