[Oisf-users] flags keyword

Charles Devoe Charles.Devoe at cisecurity.org
Tue Jun 2 08:06:56 UTC 2020

We have some ET signatures that are using the flags keyword ( flags: S,12)  In checking the Suricata documentation I do not see the flags keyword listed.  I would like to confirm this is a valid keyword and that it works the same as it does in snort.
This message and attachments may contain confidential information. If it appears that this message was sent to you by mistake, any retention, dissemination, distribution or copying of this message and attachments is strictly prohibited. Please notify the sender immediately and permanently delete the message and any attachments.

. . . . .
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20200602/92a91162/attachment.html>

More information about the Oisf-users mailing list