[Oisf-users] Properly testing Suricata for alerts

Bjørn Ruberg bjorn at ruberg.no
Wed Feb 13 06:41:21 UTC 2019

Previous message (by thread): [Oisf-users] Properly testing Suricata for alerts
Next message (by thread): [Oisf-users] Properly testing Suricata for alerts
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 13.02.2019 01:13, 419telegraph298 at protonmail.com wrote:
> Hey - I am not sure if the rule is set for tcpdump. What should I run foo.pcap with? Kismet or Tcpdump?

https://suricata.readthedocs.io/en/suricata-4.1.2/command-line-options.html

Check the "-r <path>" option.

-- 
Bjørn

Previous message (by thread): [Oisf-users] Properly testing Suricata for alerts
Next message (by thread): [Oisf-users] Properly testing Suricata for alerts
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Oisf-users mailing list