hi, really impressed with RockNSM, i’ve been working on an internal project thats almost exactly like RockNSM. (didnt have Kafka integrated yet, i went straight from filebeat to logstash in my internal project)
What i’d like to do is have RockNSM as the main server and possibly one sensor… but i’d also like to place some raspberri pi’s, smaller pc’s or virtual sensors running bro & suricata (mimicing the configuration of RockNSM, but without the ES, Kibana, etc) in other places on the network that work transmit data back to the RockNSM sensor, for processing, storage and visualization.
What hurdles am i going to run into?
- As of right now the proxy only allows access to kibana from the outside. I’ll need to open up a few ports for the external sensors to communicate through with filebeat.
- then adjust kafka to accept to except data from outside sources other than local host…
What am i missing?
Any suggestions would be appreciated.