[Oisf-users] Suricata 4.1.3 SMTP Meta

rachel.suriteam rachel.suriteam at protonmail.com
Wed Apr 24 14:54:35 UTC 2019


Hello Victor,

Did you get a chance to look at the pcap files that I sent you?

Thanks
Rachel



‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Tuesday, April 23, 2019 1:26 PM, Victor Julien <lists at inliniac.net> wrote:

> Hi Rachel,
>
> On 19-04-19 11:12, rachel.suriteam wrote:
>
> > I use Suricata to get SMTP metadata but I’m facing a strange issue: I
> > don’t know why, but with my Suricata 4.1.3 no SMTP metadata is
> > generated. HTTP or others are generated but nothing for SMTP.
> > I made tests on Suricata 4.0.7 and Suricata generates SMTP
> > metadata well.
> > Am I missing something? Is SMTP metadata extraction still valid in 4.1.3?
> > Is there a special configuration to be done in 4.1.3? A special patch to
> > apply?
>
> Are you able to (privately) share a pcap? 4.1.3 shouldn't act differently
> than 4.1.2 wrt smtp logging.
>
> -------------------------------------------------------------------------------------------------------
>
> Victor Julien
> http://www.inliniac.net/
> PGP: http://www.inliniac.net/victorjulien.asc
