4. Suricata Inline Priority and SID mgmt

Suricata Inline Priority and SID mgmt

  • M

    Hello,

    The Suricata Alert log contains the rule's "Priority" field however when I click on a rule's SID to view the details there isn't any priority value.
    ie.:

    alert pkthdr any any -> any any (msg:"SURICATA IPv4 packet too small"; decode-event:ipv4.pkt_too_small; sid:2200000; rev:1;)

    What if my goal is to change all Priority 1 rule to block state using SID mgmt, how should I do that? How can I review the changed rules?

    Thank you!
    Mind12

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy