[Oisf-users] Errors in rules after moving to 4.1.4
Russell Fulton
r.fulton at auckland.ac.nz
Sun May 19 21:34:37 UTC 2019
I recently moved to suricata 4.1.4 (from 4.0.4) and I now get a heap of errors like this:
2019 May 20 06:42:11 +12:00 secmonprd11: suricata: '[22157] <Warning> -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'et.JavaArchiveOrClass' is checked but not set. Checked in 2017756 and 15 other sigs’
spot checking the tarball rules it is quite correct there are no rules that set that flowbit. I am using 4.1.4 version of the ETPro rules.
Any ideas what is going on?
Using suricata-update 1.0.5. ( upgraded at the same time from 1.0)
Russell
More information about the Oisf-users
mailing list