[Oisf-users] Disable event_type http and fileinfo

Breno Silva breno.silva at gmail.com
Fri Jul 21 16:56:43 UTC 2017


i would like to not receive http &fileinfo event_type messages in EVE-LOG
I tried to define http enable = detection-only. However it not just
suppress the event_type http but also my http rules are not working.

It is expected ? My config is wrong ?

Suricata version is 3.2.2


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20170721/eef32740/attachment.html>

More information about the Oisf-users mailing list