[Oisf-users] eve.json logging issues
Jason Ish
lists at unx.ca
Thu Nov 17 18:44:34 UTC 2016
On Thu, Nov 17, 2016 at 12:30 PM, erik clark <philosnef at gmail.com> wrote:
> Thanks! That worked.
>
> Is there a way to get the actual content of the signature into the alert? So
> not just the payload, subject, flowdata and so forth, but the actual
> signature itself, so someone can look at it in the alert to see why it may
> have fired erroneously...
No, not currently. But you aren't the first one to ask so perhaps its
something we should think about doing.
Jason
More information about the Oisf-users
mailing list