I want to integrate Slack with SO but I did not find the right steps.
I have read the documentation from ElastAlert: https://docs.securityonion.net/en/latest/elastalert.html#configuration
(the Slack part), and I found an example of code that should be put somewhere or should be edited like the provided one.
The documentation says that ElastAlert rules are stored in /opt/so/rules/elastalert/
but I found no file in that directory.
What steps should I follow, and where should I put the code related to Slack notification?
Guidelines
I have read the above statement and can confirm my post is relevant to Security Onion 2.4.
Version
2.4.0
Installation Method
Security Onion ISO image
Description
configuration
Installation Type
Standalone
Location
on-prem with Internet access
Hardware Specs
Meets minimum requirements
CPU
8
RAM
16
Storage for /
200
Storage for /nsm
200
Network Traffic Collection
span port
Network Traffic Speeds
Less than 1Gbps
Status
Yes, all services on all nodes are running OK
Salt Status
No, there are no failures
Logs
No, there are no additional clues