[Oisf-users] flow question

Cooper F. Nelson cnelson at ucsd.edu
Thu Oct 4 22:15:22 UTC 2018


There are EmergingThreats ICMP 'info' rules for logging ICMP traffic
(icmp_info.rules).

Just enable the ones you want.

-Coop

On 10/3/2018 4:20 PM, Brian Kellogg wrote:
> Trying to figure out how to log ICMP conns.  Hoping someone can clue
> me into something I'm missing to get ICMP logging working?
>
> I'm using "flow", not "netflow", for logging
>
>
> thanks 

-- 
Cooper Nelson
Network Security Analyst
UCSD ITS Security Team
cnelson at ucsd.edu x41042
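
One way to carry out the "enable the ones you want" step, as an added example that is not part of the original message or of the EmergingThreats rule set. It assumes the wanted rules ship commented out with a leading `#`; the rule lines and SIDs are constructed samples, and `enable_rules` is a hypothetical helper.

```python
import re

# Constructed sample in Suricata rule syntax; not real EmergingThreats rules or SIDs.
SAMPLE_RULES = """\
# Constructed ICMP info rules for illustration
#alert icmp $EXTERNAL_NET any -> $HOME_NET any (msg:"SAMPLE ICMP echo request"; itype:8; sid:1000001; rev:1;)
# alert icmp $HOME_NET any -> $EXTERNAL_NET any (msg:"SAMPLE ICMP echo reply"; itype:0; sid:1000002; rev:1;)
alert icmp any any -> any any (msg:"SAMPLE ICMP destination unreachable"; itype:3; sid:1000003; rev:1;)
"""

# A disabled rule: one or more '#', optional spaces, then an action and a rule body.
DISABLED = re.compile(r"^\s*#+\s*((?:alert|drop|pass|reject)\s.+\(.*\)\s*)$")
SID = re.compile(r"\bsid\s*:\s*(\d+)\s*;")


def enable_rules(text, wanted_sids):
    """Uncomment the rules whose sid is in wanted_sids.

    Returns (new_text, enabled, missing): enabled lists the SIDs that were
    uncommented, missing lists wanted SIDs that are not active afterwards.
    """
    wanted = set(wanted_sids)
    enabled, active, out = [], set(), []
    for line in text.splitlines():
        disabled = DISABLED.match(line)
        found = SID.search(line)
        sid = int(found.group(1)) if found else None
        if disabled and sid in wanted:
            line = disabled.group(1).rstrip()  # drop the leading '#'
            enabled.append(sid)
            active.add(sid)
        elif sid is not None and not line.lstrip().startswith("#"):
            active.add(sid)  # rule was already enabled; leave it alone
        out.append(line)  # plain comments and unwanted rules pass through unchanged
    return "\n".join(out) + "\n", enabled, sorted(wanted - active)


if __name__ == "__main__":
    new_text, enabled, missing = enable_rules(SAMPLE_RULES, [1000001, 1000003, 1000009])
    print(new_text)
    print("enabled:", enabled, "missing:", missing)
```
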
