[Oisf-users] Suricata - vars and multiple interfaces
Davide Setti
d.setti at certego.net
Thu Aug 9 12:57:01 UTC 2018
>
>
> you would need to run:
> suricata -c suricata.yaml -T --af-packet
> as Suricata won't know what capture method you intend to use.
You are right!
network-sensor suricata # suricata -c suricata.yaml --af-packet -T | grep
-v FLOWBIT
[25210] 9/8/2018 -- 12:55:21 - (suricata.c:1900) <Info> (ParseCommandLine)
-- Running suricata under test mode
[25210] 9/8/2018 -- 12:55:21 - (suricata.c:1084) <Notice> (LogVersion) --
This is Suricata version 4.1.0-dev (rev a3caef7)
[25210] 9/8/2018 -- 12:55:28 - (suricata.c:2986) <Notice> (main) --
Configuration provided was successfully loaded. Exiting.
Thanks very much,
Davide
--
<http://www.certego.net/>
Davide Setti
R&D and Incident Response Team, Certego
<http://www.linkedin.com/company/certego> <http://twitter.com/Certego_IRT>
<http://github.com/certego> <http://www.youtube.com/CERTEGOsrl>
<http://plus.google.com/117641917176532015312>
Use of the information within this document constitutes acceptance for use
in an "as is" condition. There are no warranties with regard to this
information; Certego has verified the data as thoroughly as possible. Any
use of this information lies within the user's responsibility. In no event
shall Certego be liable for any consequences or damages, including direct,
indirect, incidental, consequential, loss of business profits or special
damages, arising out of or in connection with the use or spread of this
information.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20180809/12dc2397/attachment-0001.html>
More information about the Oisf-users
mailing list