I noted in the alert section of Suricata the following displayed multiple times:
SURICATA STREAM ESTABLISHED
What is the source of this alert? Can it be suppressed? What, if anything, should be done?
bmeeks
The stream alerts can be very annoying, especially on an installation using libpcap like the package utilizes on pfSense. I generally disable the majority of those stream alert rules in Suricata.