[Oisf-users] eve.json logging issues

Jason Ish lists at unx.ca
Thu Nov 17 18:44:34 UTC 2016

On Thu, Nov 17, 2016 at 12:30 PM, erik clark <philosnef at gmail.com> wrote:
> Thanks! That worked.
> Is there a way to get the actual content of the signature into the alert? So
> not just the payload, subject, flowdata and so forth, but the actual
> signature itself, so someone can look at it in the alert to see why it may
> have fired erroneously...

No, not currently. But you aren't the first one to ask so perhaps its
something we should think about doing.


More information about the Oisf-users mailing list