[Oisf-users] Suricata 4.1.3 SMTP Meta

Victor Julien lists at inliniac.net
Tue Apr 23 11:26:03 UTC 2019


Hi Rachel,

On 19-04-19 11:12, rachel.suriteam wrote:
> I use Suricata to get SMTP metadata, but I'm facing a strange issue: I
> don't know why, but with my Suricata 4.1.3 no SMTP metadata is
> generated. HTTP or others are generated, but nothing for SMTP.
> I ran tests on Suricata 4.0.7, and Suricata generates SMTP
> metadata fine.
> Am I missing something? Is SMTP metadata extraction still valid in 4.1.3?
> Is there a special configuration to be done in 4.1.3? A special patch to
> apply?

Are you able to (privately) share a pcap? 4.1.3 shouldn't act differently
than 4.1.2 wrt SMTP logging.

-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------


