[Oisf-users] Suricata response events

jordon.carpenter at rooksecurity.com jordon.carpenter at rooksecurity.com
Wed Jun 15 14:37:31 UTC 2016


Team,

Need to turn on logging of response events when an alert fires.

For example, when the signature
`ET WEB_SERVER Possible SQL Injection Attempt UNION SELECT` fires, we need
to log the response after it triggers.
We need to see what the server response to this request is.

I know this can be done via Snort. Is this possible with Suricata?

*Thanks,*
*Jordon Carpenter*
Rook Security <https://www.rooksecurity.com/>
*Anticipate, Manage, & Eliminate Threats*

O: 888.712.9531 x734
E: jordon.carpenter at rooksecurity.com
