[Oisf-users] Would it be possible to run a query per http request?
erik clark
philosnef at gmail.com
Fri Nov 25 17:07:21 UTC 2016
Oddly enough, I would recommend a different tool entirely, namely Bro.
There you can have intel feeds that you populate with whatever you want to
stick in this db and have it raise notices.
Be aware that doing what you suggest, assuming you can do it with Lua,
would be extremely expensive process wise and would have potentially
catastrophic results if you failed close due to db lookups taking too long
to respond.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20161125/c03eeed2/attachment-0002.html>
More information about the Oisf-users
mailing list