Hi,

After updating and rebuilding Suricata 4.0.1 with the latest changes to the apt-stable pfring repo (7.0.0-1598), we lost all app-layer events in Suricata. Flow and IP-based alerts are still generated, but all other events seem to be gone.

On the same machine we switched to af_packet and the events showed up again.

Question: has Suricata 4.x been tested with pf_ring 7.x?

Regards,

--
Robert Haist
Head of Security Engineering
T: +49 151 205 589 31
E: [email protected]
W: https://www.dcso.de

DCSO Deutsche Cyber-Sicherheitsorganisation GmbH
Rosenthaler Straße 40, 10178 Berlin, Germany
Geschäftsführer: Dr.-Ing. Gunnar Siebert
Sitz der Gesellschaft: Berlin | Amtsgericht Charlottenburg, HRB 172382
_______________________________________________
Ntop-misc mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop-misc
