[Oisf-users] Suricata ignoring disable.conf

James Moe jimoe at sohnen-moe.com
Fri Nov 1 19:54:15 UTC 2019


On 01/11/2019 2.29 am, Jason Ish wrote:

> Did you also re-run suricata-update after modifying disable.conf?
>
  I did. More than once. And restarted Suricata after each rule update.
  One of the bits of data in the original post showed the Alert for the sample
2210042 log entry as being commented, implying that it is disabled.
Nevertheless, there continues to be an alert for that SURICATA event.

-- 
James Moe
moe dot james at sohnen-moe dot com
520.743.3936
Think.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20191101/fbea027d/attachment-0001.sig>


More information about the Oisf-users mailing list