<html><head><style type=text/css><!--
.email-body .body { font-family: Helvetica, Arial; font-size: 13px; }
--></style></head><body>One additional bit.  We never have run all the rules.  No need to run all the rules in our case.<br><br><font size="2" face="Arial">Leonard Jacobs</font><br><br><br><div><strong>
From:
</strong>
 
Jordon Carpenter <jordon.carpenter@rooksecurity.com>
<br>
<strong>
To:
</strong>
 
<oisf-users@lists.openinfosecfoundation.org>
<br>
<strong>
Sent:
 
</strong>
11/20/2018 4:21 PM
<br>
<strong>
Subject:
</strong>
 
[Oisf-users] Suricata Multiple Interfaces
<br><br><blockquote class="mcnt mori" style="margin:0 0 0 .8ex;border-left:1px solid #CCC;padding-left:1ex;"><div class="email-body"><div style="word-wrap:break-word" class="body"><div id="mcntbloop_customfont" style="font-family:Helvetica,Arial;font-size:13px;margin:0px;line-height:auto">Is there a limit on the amount of interfaces Suricata can Monitor? I have done two and have been successful, but needing to bump it up to 3. Currently using pf_ring and Suricata 4.1. </div><br><div id="mcntbloop_sign_1542752396326620928" class="mcntbloop_sign"><span style="color:rgb(34,34,34);font-variant-ligatures:normal;font-size:14px;font-family:roboto,sans-serif"><strong><span style="color:rgb(0,0,0)">Thanks,<br>Jordon Carpenter</span></strong></span><br style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-variant-ligatures:normal"><span style="font-variant-ligatures:normal;font-size:12px;font-family:roboto,sans-serif"><a href="https://www.rooksecurity.com/" target="_blank" style="color:rgb(0,0,0)">Rook Security</a></span><br style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-variant-ligatures:normal"><span style="color:rgb(34,34,34);font-variant-ligatures:normal;font-size:12px;font-family:roboto,sans-serif"><em><span style="color:rgb(0,0,0)">Anticipate, Manage, & Eliminate Threats</span></em></span><br style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-variant-ligatures:normal"><br style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-variant-ligatures:normal"><span style="font-variant-ligatures:normal;font-size:12px;font-family:roboto,sans-serif">O: <a href="tel:(888)%20712-9531" target="_blank" style="color:rgb(17,85,204)">888.712.9531 x734</a></span><br style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-variant-ligatures:normal"><span style="font-variant-ligatures:normal;font-size:12px;font-family:calibri,sans-serif"><span style="font-family:roboto,sans-serif">E: <a href="mailto:jordon.carpenter@rooksecurity.com" target="_blank" style="color:rgb(17,85,204)" title="Send email to jordon.carpenter@rooksecurity.com" class="mailto">jordon.carpenter@rooksecurity.com</a><br><br></span><span style="font-family:roboto,sans-serif"><a href="https://www.facebook.com/rookteam" target="_blank" style="color:rgb(17,85,204)"><img alt="rookteam" class="mcntCToWUd" src="https://d23fetfglg1ija.cloudfront.net/signature_fields/56feae2eecca0b0003125675/A-FB.png" title="This image cannot be displayed." data-err-title="true" border="0"></a>    <a href="https://twitter.com/rooksecurity" target="_blank" style="color:rgb(17,85,204)"><img alt="rooksecurity" class="mcntCToWUd" src="https://d23fetfglg1ija.cloudfront.net/signature_fields/56feae2eecca0b0003125675/A-TW.png" title="This image cannot be displayed." data-err-title="true" border="0"></a>    <a href="https://www.linkedin.com/company/rook-security" target="_blank" style="color:rgb(17,85,204)"><img alt="Rook LinkedIn" class="mcntCToWUd" src="https://d23fetfglg1ija.cloudfront.net/signature_fields/56feae2eecca0b0003125675/A-LI.png" title="This image cannot be displayed." data-err-title="true" border="0"></a></span><br><br><br><span style="font-size:10px"><span style="font-family:roboto,sans-serif">This e-mail may contain confidential and privileged material for the sole use of the intended recipient. Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive for the recipient), please contact the sender by reply e-mail and delete all copies of this message.</span></span></span></div>
</div></div><br><br>_______________________________________________<br>Suricata IDS Users mailing list: oisf-users@openinfosecfoundation.org<br>Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/<br>List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users<br><br>Conference: https://suricon.net<br>Trainings: https://suricata-ids.org/training/</blockquote></div><BR />
<BR />
This email and any files transmitted with it are confidential and 
intended solely for the use of the individual or entity to which they 
are addressed. If you have received this email in error please notify Netsecuris management at mgmt@netsecuris.com. Please note that any views or opinions presented in 
this email are solely those of the author and do not necessarily 
represent those of Netsecuris Inc. The integrity and 
security of this message cannot be guaranteed on the Internet
<BR />
</body></html>