Page 1 of 1

Using kofe on ossec+

Posted: Sun Apr 11, 2021 3:42 am
by rostami
I used to install ossec+ and the KOFE extension, but I got the error that "No indices match pattern 'ossec*' " when open the KOFE-Compliance dashboard in Kibaba. I think this is a bug because when I checked the

Code: Select all

find out that the log path set as

Code: Select all

but I checked this path and I couldn't found any file with ".json" postfix instead, I found

Code: Select all

I think this file must pass as a log path in the "Filebeat.yaml" and "ossec-template.json" also should change.
I have another question, too, that how can I use the machine learning feature of ossec+? Is that embedded in the Elasticsearch ML? or anything else?

Thank you