[Oisf-users] suricata and ClamAV

Cooper F. Nelson cnelson at ucsd.edu
Thu Jul 6 17:04:02 UTC 2017

I've done something like that, however I've found it more productive to
integrate it with VirusTotals.  You can use the API or just search on
the sha256 hash by referencing it in the url:

> https://www.virustotal.com/en/file/a4497037f009abd0e6986e4228695d38e2778511cec800391199d788d355e623/analysis/

If there are no hits you can then send the file to VirusTotal for scanning.


7/3/2017 8:48 AM, Srinivasreddy R wrote:
> Hi All, I am new to suricata .I have a question related to usage of
> ClamAv with suricata. Is there any need/purpose to use ClamAV with
> suricata ?
> What are the possible use cases to use ClamAV along with suricata .?
> thanks srinivas
> _______________________________________________ Suricata IDS Users
> mailing list: oisf-users at openinfosecfoundation.org Site:
> http://suricata-ids.org | Support: http://suricata-ids.org/support/ 
> List:
> https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users

Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20170706/961872ee/attachment-0002.sig>

More information about the Oisf-users mailing list