[Oisf-devel] Suricata 1.1beta3 and suppress (threshold.conf)
David.R.Wharton at regions.com
David.R.Wharton at regions.com
Mon Oct 31 16:19:49 UTC 2011
I updated to Suricata version 1.1beta3 (rev 30d84ab) from 1.1beta2 (rev
bc5c9f4) and now my suppress statements in threshold.conf don't seem to be
working as expected. They seem to be loading OK:
(util-threshold-config.c:878) <Info> (SCThresholdConfParseFile) --
Threshold config parsed: 212 rule(s) found
(util-threshold-config.c:191) <Info> (SCThresholdConfInitContext) --
Global thresholding options defined
Suppression was working before, but after updating, I'm seeing alerts on
events that should be suppressed. Anyone else getting this?
Thanks.
-David
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-devel/attachments/20111031/7bb93a1f/attachment-0002.html>
More information about the Oisf-devel
mailing list