-
Update Docker docs on how to adjust, if needed:
- suricata config
- ES config (for example mem)
- LS config (for example mem)
pevma updated
2 years ago
-
Install script has to detect multiple nics and ask the user for assignment:
1 x Suricata (monitoring only, no ip)
1 x Web UI and / or event communication
-
https://twitter.com/James_inthe_box/status/1535011497717268481
-
First off, this project is AMAZING. Coming from a DBA background, and being a huge fan of Suricata, thank you!
As you know, the line ending in windows is different. To address this, I had to ch…
-
Excuse me, may I ask you two questions about Suricata?
1. How can I display the HTTP request body in eve.json?
2. http-data.log only displays the original data, not the hexadecimal?
…
-
When I try to add the source "Abuse.ch SSL Blacklist" through the interface "Add public source" I get the following list of errors: (Scirius CE v3.0.0.)
![2018-10-11_091000](https://user-images.git…
-
How to log normalization?
-
Zeek and Suricata generate overlapping datasets, specifically around protocol analysis. I would recommend that we look at creating some generic log sources focused on the overlapping protocol analysis…
-
The new Istio Ambient mode redirects L4 traffic to the ztunnel pods on the nodes using
- iptables and Geneve tunnels or
- eBPF programs and maps
The ztunnel pod handles mTLS connections to zt…
-
The hs was used in Suricata; when the HTTP traffic reached 2Gbps it crashed with only one thread, or with less traffic with 4 threads. The core dump is as follows:
Using host libthread_db library "/lib64/libthr…