-
Hi Pierre,
We're reviewing der-parser usage in Suricata, and we see 6.0.1 being pulled in through kerberos-parser 0.7.1. Are you planning a release that bumps to 8? I see the commit already exists.…
-
Now with #313, we can write the suricata and zeek logs to another index pattern. However, those logs aren't queryable in Arkime.
Arkime from what I can tell hard-codes the `arkime_sessions3-*` inde…
-
Hello There,
Please help with this. I have been working very hard to sort this out for a week, but still no success.
Note: all the directories are correctly matched with my installation
if this work t…
-
Hello,
I noticed that after I issue the update.sh command, certain honeypot containers go missing. For instance, after a fresh install I have the full set of honey pots, after the update command he…
-
Reference:
https://www.reddit.com/r/securityonion/comments/hv9xjw/20_suricata_rule_never_be_updated_by_cron_job/
`so-rule-update` works fine when run interactively. However, when running from cron…
-
Upgrade the devices integrations to package spec 3.0.3. Among the reasons to do so is to gain the secrets validation added in 3.0.2.
- [ ] arista_ngfw
- [ ] cef
- [ ] cisco_aironet
- [ ] cisco_a…
-
Hello!
Thank you very much for your efforts. Please tell me. My firewall is managed by MikroTik.
SELKS is installed on Debian 11 listening to traffic on standard network ports (enp5s0, enp6s0). Traf…
-
The grid interface in SOC displayed a fault message for all sensors after switching my metadata engine to Suricata. The issue was fixed by removing so-zeek from /opt/so/conf/so-status/so-status.conf.…
-
Hello vincentmli. I have tried the docker image `0f645e7265d3`, but there the xdp_synproxy_kern load failed.
```
docker run -td --privileged --net=host -v $(pwd)/etc/suricata:/etc/suricata --name=su…