[Oisf-users] Suricata SMTP Rules Fired - Now What...?
Andreas Herz
andi at geekosphere.org
Fri Jan 13 21:15:54 UTC 2017
On 13/01/17 at 17:50, Cloherty, Sean E wrote:
> Thanks Tom. I appreciate your offer, but since this is email and
> there is PII etc., I am not sure that is in the cards. Need another
> way to skin this cat.
Without the traffic it's hard to tell if it's false positive or correct
matches.
> Are there server, suricata compile errors, or suricata.yaml
> configuration values which I should check to eliminate the most likely
> causes?
You could describe your setup more, how you run suricata, in which mode
and what you did configure (beside defaults).
--
Andreas Herz
More information about the Oisf-users
mailing list