[Oisf-users] Suricata goes wild with SURICATA STREAM alerts

David Wharton oisf at davidwharton.us
Sun Jul 24 18:28:07 UTC 2016


>
> During start (suricata.log) there seems to be some err -
> 12/7/2016 -- 21:39:26 - <Error> - [ERRCODE: SC_ERR_PCRE_MATCH(2)] -
> pcre_exec parse error, ret -1, string , type threshold, ttack by_src,
> count 5, seconds 60
> that would need some investigation on the rules loaded side.
>

I don't know what the full rule is but it looks like the rule parser is 
throwing an error due to a syntax typo.

It should be 'track by_src' not 'ttack by_src'.

-David Wharton
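
As an added example (not part of the original post, and not Suricata's own parser), the following sketch lints the rule-level `threshold` option before rules are loaded, so a misspelled setting like the one above is caught with a suggestion. The sample rules, function names and the accepted `track` values are assumptions made for the illustration.

```python
import difflib
import re

# Settings of the rule-level "threshold" option. The track values listed are an
# assumption: by_src/by_dst are long-standing, by_rule/by_both need newer Suricata.
EXPECTED = {
    "type": lambda v: v in {"threshold", "limit", "both"},
    "track": lambda v: v in {"by_src", "by_dst", "by_rule", "by_both"},
    "count": str.isdigit,
    "seconds": str.isdigit,
}
THRESHOLD_OPT = re.compile(r"\bthreshold\s*:\s*([^;]*);")

# Constructed sample rules (not from the thread); line 3 carries the typo.
SAMPLE_RULES = """\
# constructed sample rules
alert tcp any any -> any 22 (msg:"sample good"; threshold: type threshold, track by_src, count 5, seconds 60; sid:1000001; rev:1;)
alert tcp any any -> any 22 (msg:"sample typo"; threshold: type threshold, ttack by_src, count 5, seconds 60; sid:1000002; rev:1;)
"""

def check_threshold(value):
    """Return a list of problems found in one threshold option value."""
    problems, seen = [], set()
    for part in value.split(","):
        fields = part.split()
        if len(fields) != 2:
            problems.append(f"malformed setting {part.strip()!r}")
        elif fields[0] not in EXPECTED:
            hint = difflib.get_close_matches(fields[0], list(EXPECTED), n=1)
            suffix = f", did you mean {hint[0]!r}?" if hint else ""
            problems.append(f"unknown keyword {fields[0]!r}{suffix}")
        elif not EXPECTED[fields[0]](fields[1]):
            problems.append(f"bad value {fields[1]!r} for {fields[0]}")
        else:
            seen.add(fields[0])
    # A misspelled keyword also leaves the real setting absent.
    problems += [f"missing {key}" for key in EXPECTED if key not in seen]
    return problems

def lint_rules(text):
    """Return (line number, problem) pairs for every threshold option in text."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # skip commented-out rules
        for match in THRESHOLD_OPT.finditer(line):
            findings += [(lineno, p) for p in check_threshold(match.group(1))]
    return findings

if __name__ == "__main__":
    for lineno, problem in lint_rules(SAMPLE_RULES):
        print(f"line {lineno}: {problem}")
```
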


