[Oisf-users] Missing Payloads For Signatures that are HTTP + PCRE?

Eoin Miller eoin.miller at trojanedbinaries.com
Thu May 10 21:39:36 UTC 2012


Finally got around to installing Suricata and the alerting output I am
seeing is missing payloads for several signatures. Each of these
signatures it is missing it for seems to have one thing in common, it is
using the http inspect stuff along with PCRE. Everything else appears to
be alerting fine and has payloads though.

Anyone else experienced something similar? This is really weird.

-- Eoin



More information about the Oisf-users mailing list