Add netflows to suricata config

ait-testbed / attackbed

The AttackBed is a simulated enterprise network with numerous vulnerabilities. Attacks in this testbed are executed automatically and cover a variety of tactics and techniques of the MITRE ATT&CK enterprise framework.

GNU General Public License v3.0

5 stars 2 forks source link

Add netflows to suricata config #27

Closed whotwagner closed 1 month ago

whotwagner commented 2 months ago

Suricata should per default not only log pcap + eve but also netflows with community id

thorinaboenke commented 1 month ago

solved in https://github.com/ait-testbed/atb-ansible-suricata/pull/1