I am attempting to test my new security onion install. I have it set up on a static IP Ethernet adapter in a virtual machine with an IP of 10.0.3.47
When I go launch Sguill, it seems to work well enough, but it only sees traffic broadcasts to everyone and traffic going to 10.0.3.47 or from 10.0.3.47. The virtual machine was set up to accept all promiscuous traffic, but since then I have directly connected an Ethernet over USB with PNP Linux support. I also have another desktop connected via bridged Ethernet with Kali Linux on it and when I launch Wireshark on that machine, I have the same result. Any ideas on what I am doing wrong, or how I can fix this?