Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Suricata not alerting DNS or any? rules

    Scheduled Pinned Locked Moved IDS/IPS
    1 Posts 1 Posters 374 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      ProperCactus Rebel Alliance
      last edited by ProperCactus

      Hi,

      I am used to Suricata alerting on .to domains for me. I am updated to the latest package with Suricata 6.0.4 and I noticed I have absolutely no alerts anymore.

      I confirmed the rule is still selected and I force a DNS lookup to a .to domain on that interface and where I would normally have got alerts nothing has happened! This is occurring with both pf 2.5.2 and 2.6

      Nothing in Alerts GUI, widget, eve.json or alerts.log.

      Screen Shot 2022-03-15 at 1.24.11 am.png

      1 Reply Last reply Reply Quote 0
      • P ProperCactus referenced this topic on
      • P ProperCactus referenced this topic on
      • P ProperCactus referenced this topic on
      • P ProperCactus referenced this topic on
      • P ProperCactus referenced this topic on
      • bmeeksB bmeeks referenced this topic on
      • bmeeksB bmeeks referenced this topic on
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.