[Oisf-users] Meaning of force-filestore option
Darren S.
phatbuckett at gmail.com
Sat Jun 23 00:41:58 UTC 2018

Suricata version 4.0.4 RELEASE

outputs.13.file-store = (null)
outputs.13.file-store.enabled = yes
outputs.13.file-store.log-dir = files
outputs.13.file-store.force-magic = yes
outputs.13.file-store.force-md5 = yes
outputs.13.file-store.force-filestore = no

I'd like to find out what is the meaning of the force-* options in
these types of settings - understanding that they force the given data
output, but not what that means by example.

For example, would outputs.file-store.force-filestore result in Suri
storing all files regardless of any filestore rules active (as a
convenience factor)?

What cases do force-magic and force-md5 output those values where they
wouldn't normally be output when file-store.enabled = yes?
--
Darren Spruell
phatbuckett at gmail.com