Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Suricata Alert Log View Filter

    Scheduled Pinned Locked Moved
    IDS/IPS
    2
    3
    219
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • NogBadTheBadN
      NogBadTheBad
      last edited by

      Just going through baselining Suricata after moving from Snort.

      @bmeeks Is there a way to filter on the alerts tab and exclude the suppressed alerts.

      Andy

      1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

      bmeeksB 1 Reply Last reply Reply Quote 0
      • bmeeksB
        bmeeks @NogBadTheBad
        last edited by

        @NogBadTheBad said in Suricata Alert Log View Filter:

        Just going through baselining Suricata after moving from Snort.

        @bmeeks Is there a way to filter on the alerts tab and exclude the suppressed alerts.

        No, not currently. You can filter on several parameters, but "Suppressed" is not one of them.

        NogBadTheBadN 1 Reply Last reply Reply Quote 1
        • NogBadTheBadN
          NogBadTheBad @bmeeks
          last edited by

          @bmeeks Thanks Bill.

          Andy

          1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

          1 Reply Last reply Reply Quote 0
          • First post
            Last post