Suricat eve logs empty

[TotieBash]

I have a freshly installed SO 2.3.52 from iso and I am not getting any logs from Suricata. /NSM/Suricata/eve*.json files are there but they are all empty and nothing goes into Kibana. I downloaded sample pcap from malware traffic analysis and did "tcpreplay -i bond0 2020-09-16-Qakbot-infection-traffic.pcap" and I also tried on ens224 nic but nothing goes to Suricata. I get Zeek logs and I also have NtopNG sensors and they are getting the tcpreplay alert but Suricata is silent. By the way I'm on air-gap network. I also downloaded the latest ET rules and place it on /opt/so/saltstack/local/salt/idstools/sorules and did so-rule-update. Am I missing a step? pls help. thanks