angolo40 / mikrocata2selks

Mikrotik + Selks (Suricata) + Telegram + TZSP on Debian 12
GNU General Public License v3.0

Rule severity filter #2

Closed paTaNiNho closed 1 year ago

paTaNiNho commented 1 year ago

Hello, first I would like to thank you for this easy and working solution of your script!

Do you think it would be possible to modify your code to filter each alert output based on severity?

For example I would like to send to the MikroTik Firewall only IPs with severity:1 (red ones). And ignore the other two rules.

Thank you for your time and answer... 💯 Regards...

angolo40 commented 1 year ago

Hello, I added the function in mikrocata.py. Replace the old file /usr/local/bin/mikrocata.py with the new one, edit the MikroTik information inside, and then reload the service with "systemctl restart mikrocata.service".
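
The severity filtering requested in this thread, as an added example (not the code from mikrocata.py and not written by either participant): it reads Suricata eve.json lines and returns only the source IPs of alerts whose severity is 1. The function name `ips_to_block`, the `NEVER_BLOCK` network, the choice of `src_ip` as the address to block, and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import json

# Constructed sample eve.json lines (not captured from a real sensor).
SAMPLE_EVE = """\
{"event_type":"alert","src_ip":"203.0.113.7","dest_ip":"192.168.88.10","alert":{"severity":1,"signature":"constructed sig A"}}
{"event_type":"alert","src_ip":"198.51.100.23","dest_ip":"192.168.88.10","alert":{"severity":3,"signature":"constructed sig B"}}
{"event_type":"flow","src_ip":"203.0.113.99","dest_ip":"192.168.88.10"}
{"event_type":"alert","src_ip":"192.168.88.50","dest_ip":"203.0.113.7","alert":{"severity":1,"signature":"constructed sig C"}}
{"event_type":"alert","src_ip":"203.0.113.7","dest_ip":"192.168.88.11","alert":{"severity":1,"signature":"constructed sig A"}}
{"event_type":"alert","src_ip":"not-an-ip","alert":{"severity":1}}
{"event_type":"alert","src_ip":"198.51.100.40","alert":{"severity":2
"""

# Assumption: networks that must never be blocked (local LAN, management).
NEVER_BLOCK = [ipaddress.ip_network("192.168.88.0/24")]


def ips_to_block(eve_text, severities=frozenset({1}), never_block=NEVER_BLOCK):
    """Return unique source IPs of alerts whose severity is in `severities`."""
    selected = []
    for line in eve_text.splitlines():
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # partially written or corrupt line
        if not isinstance(event, dict) or event.get("event_type") != "alert":
            continue  # flow, dns, stats and other non-alert records
        alert = event.get("alert")
        if not isinstance(alert, dict) or alert.get("severity") not in severities:
            continue  # severity 1 is the highest priority in Suricata
        try:
            ip = ipaddress.ip_address(event.get("src_ip", ""))
        except ValueError:
            continue  # never pass an unvalidated string on to the firewall
        if any(ip in net for net in never_block):
            continue  # avoid locking out the protected network itself
        if str(ip) not in selected:
            selected.append(str(ip))
    return selected


if __name__ == "__main__":
    print(ips_to_block(SAMPLE_EVE))
```
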