[Oisf-users] How many of you use "filestore" ?
Marcos Rodriguez
marcos.e.rodriguez at gmail.com
Fri Apr 20 15:50:24 UTC 2012
On Thu, Apr 12, 2012 at 10:24 AM, Victor Julien <victor at inliniac.net> wrote:
> On 04/12/2012 01:25 PM, Travel Factory S.r.l. wrote:
> > - used IE. When waiting for a long time before confirming the file
> > name, I get truncated files, actually about 160kb. If I confirm
> > quickly I get all the file.
>
> Does this problem go away if you increase your timeouts again?
>
> --
> ---------------------------------------------
> Victor Julien
> http://www.inliniac.net/
> PGP: http://www.inliniac.net/victorjulien.asc
> ---------------------------------------------
>
> _______________________________________________
> Oisf-users mailing list
> Oisf-users at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
Hi Guys,
I know I'm a day late and a dollar short here. I wanted to chime in on my
experiences with file extraction so far.
I used to have this problem as well. First, I increased my timeouts per
Victor's suggestion. Using the latest git version, Suricata's able to
reliably extract files for analysis. I also had to do some dag tuning, but
it looks like I'm good to go now.
Once I applied the patch provided by Jason Ish, I've had no issues related
to the DAG cards anymore.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20120420/8e7a415d/attachment-0002.html>
More information about the Oisf-users
mailing list