Closed zoomequipd closed 3 years ago
It would appear in the WEBUI that dump buffers is an optional selection; however, this does not appear to be the case with snort.
In looking at https://github.com/secureworks/dalton/blob/master/dalton-agent/dalton-agent.py#L898-L900
we can see that dump-buffers is enforced on all runs of snort; however, this feature was introduced in Snort 2.9.9.0.
Is it possible to add a check that only adds this option depending on the version of snort which is being run?