[Oisf-users] Dropping stream data

Charles Devoe Charles.Devoe at cisecurity.org
Thu Mar 2 13:16:19 UTC 2017

Se are running Suricata 3.0, using pf-ring6.0.2.  However. It appears the developer may have found the problem in our code that processes the alerts.  Thanks for your response.

Charles DeVoe Jr.
Manager of Engineering
Multi-State Information Sharing and Analysis Center (MS-ISAC)
31 Tech Valley Drive
East Greenbush, NY 12061

charles.devoe at cisecurity.org
(518) 266-3494
7x24 Security Operations Center
SOC at cisecurity.org - 1-866-787-4722

        <https://www.facebook.com/CenterforIntSec>     <https://twitter.com/CISecurity>    <https://www.youtube.com/user/TheCISecurity>     <https://www.linkedin.com/company/the-center-for-internet-security>

On 3/1/17, 4:22 PM, "Oisf-users on behalf of Andreas Herz" <oisf-users-bounces at lists.openinfosecfoundation.org on behalf of andi at geekosphere.org> wrote:

    On 27/02/17 at 17:24, Charles Devoe wrote:
    > We are capturing the stream hex data for our alerts.  In many of the Alerts we get truncated data

    It would be helpful if you could send us more infos about your setup,
    suricata version and the best would be if you can create a reproducible
    case which helps debugging.

    Andreas Herz
    Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
    Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
    List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users


This message and attachments may contain confidential information. If it appears that this message was sent to you by mistake, any retention, dissemination, distribution or copying of this message and attachments is strictly prohibited. Please notify the sender immediately and permanently delete the message and any attachments.

. . .

More information about the Oisf-users mailing list