<html><head></head><body><div style="font-family: Verdana;font-size: 12.0px;"><div>
<div>You could also write a small script that would ping a target with a specific payload. Then you could hava a sigantures that looks for that specific string of character and alert you then. Just have it run as a cronjob at whatever interval you need.</div>
<div> </div>
<div>Example:</div>
<div>ping -p deadbeef 123.12.3.1</div>
<div> </div>
<div>
<div name="quote" style="margin:10px 5px 5px 10px; padding: 10px 0 10px 10px; border-left:2px solid #C3D9E5; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">
<div style="margin:0 0 10px 0;"><b>Sent:</b> Friday, July 28, 2017 at 8:38 AM<br/>
<b>From:</b> "Jason Ish" <ish@unx.ca><br/>
<b>To:</b> oisf-users@lists.openinfosecfoundation.org<br/>
<b>Subject:</b> Re: [Oisf-users] Suricata Heartbeat Alert</div>
<div name="quoted-content">On 2017-07-28 07:37 AM, Charles Devoe wrote:<br/>
> Is there a way to have Suricata create a heartbeat alert? This alert<br/>
> would be a dummy alert and would be used to let us know that the<br/>
> Suricata system is up and working and all of our ancillary functions are<br/>
> also working.<br/>
<br/>
No, Suricata does not support this. I know others have accomplished this<br/>
by using a custom rule and periodically injecting a special packet into<br/>
their network as a heartbeat. This is more a complete test as it tests<br/>
the actual packet reception by the monitoring system as well.<br/>
<br/>
Jason<br/>
<br/>
_______________________________________________<br/>
Suricata IDS Users mailing list: oisf-users@openinfosecfoundation.org<br/>
Site: <a href="http://suricata-ids.org" target="_blank">http://suricata-ids.org</a> | Support: <a href="http://suricata-ids.org/support/" target="_blank">http://suricata-ids.org/support/</a><br/>
List: <a href="https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users" target="_blank">https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users</a><br/>
<br/>
Conference: <a href="https://suricon.net" target="_blank">https://suricon.net</a><br/>
Trainings: <a href="https://suricata-ids.org/training/" target="_blank">https://suricata-ids.org/training/</a></div>
</div>
</div>
</div></div></body></html>