[Oisf-users] Dropping stream data
Charles Devoe
Charles.Devoe at cisecurity.org
Thu Mar 2 13:16:19 UTC 2017
Se are running Suricata 3.0, using pf-ring6.0.2. However. It appears the developer may have found the problem in our code that processes the alerts. Thanks for your response.
Charles DeVoe Jr.
Manager of Engineering
Multi-State Information Sharing and Analysis Center (MS-ISAC)
31 Tech Valley Drive
East Greenbush, NY 12061
charles.devoe at cisecurity.org
(518) 266-3494
7x24 Security Operations Center
SOC at cisecurity.org - 1-866-787-4722
<https://www.facebook.com/CenterforIntSec> <https://twitter.com/CISecurity> <https://www.youtube.com/user/TheCISecurity> <https://www.linkedin.com/company/the-center-for-internet-security>
On 3/1/17, 4:22 PM, "Oisf-users on behalf of Andreas Herz" <oisf-users-bounces at lists.openinfosecfoundation.org on behalf of andi at geekosphere.org> wrote:
On 27/02/17 at 17:24, Charles Devoe wrote:
> We are capturing the stream hex data for our alerts. In many of the Alerts we get truncated data
It would be helpful if you could send us more infos about your setup,
suricata version and the best would be if you can create a reproducible
case which helps debugging.
--
Andreas Herz
_______________________________________________
Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
...
This message and attachments may contain confidential information. If it appears that this message was sent to you by mistake, any retention, dissemination, distribution or copying of this message and attachments is strictly prohibited. Please notify the sender immediately and permanently delete the message and any attachments.
. . .
More information about the Oisf-users
mailing list