Suricata
-
I noted in the alert section of Suricata the following displayed multiple times:
SURICATA STREAM ESTABLISHED
What is the source of this alert? Can it be suppressed? What, if anything, should be done?
-
The stream alerts can be very annoying, especially on an installation using libpcap like the package utilizes on pfSense. I generally disable the majority of those stream alert rules in Suricata.
Bill
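
One way to build a suppression list for the stream alerts discussed above, as an added example that is not part of the original posts. It reads rule text, picks the enabled rules whose msg begins with "SURICATA STREAM", and renders `suppress` lines in Suricata's threshold.config syntax, which hides the alert while the rule itself stays loaded. The sample rule lines are constructed, their sids are placeholders, and the function names are hypothetical.

```python
import re

# Constructed sample in Suricata rule syntax. The sids are placeholders,
# not the sids of the stream rules shipped with Suricata.
SAMPLE_RULES = """\
alert tcp any any -> any any (msg:"SURICATA STREAM ESTABLISHED packet out of window"; stream-event:est_packet_out_of_window; sid:9000001; rev:1;)
alert tcp any any -> any any (msg:"SURICATA STREAM ESTABLISHED invalid ack"; stream-event:est_invalid_ack; sid:9000002; rev:1;)
# alert tcp any any -> any any (msg:"SURICATA STREAM 3way handshake wrong seq wrong ack"; stream-event:3whs_wrong_seq_wrong_ack; sid:9000003; rev:1;)
alert http any any -> any any (msg:"EXAMPLE unrelated rule"; content:"test"; sid:9000004; rev:1;)
"""

MSG = re.compile(r'msg:\s*"([^"]*)"')
SID = re.compile(r'\bsid:\s*(\d+)\s*;')
GID = re.compile(r'\bgid:\s*(\d+)\s*;')


def stream_rules(text, prefix="SURICATA STREAM"):
    """Return (gid, sid, msg) for each enabled rule whose msg starts with prefix."""
    found = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # blank line, comment, or a rule that is already disabled
        msg, sid = MSG.search(line), SID.search(line)
        if not (msg and sid) or not msg.group(1).startswith(prefix):
            continue
        gid = GID.search(line)
        # A rule without an explicit gid keyword uses generator id 1.
        found.append((int(gid.group(1)) if gid else 1,
                      int(sid.group(1)), msg.group(1)))
    return found


def suppress_entries(text, prefix="SURICATA STREAM"):
    """Render threshold.config suppress lines, each preceded by the rule msg."""
    out = []
    for gid, sid, msg in stream_rules(text, prefix):
        out.append(f"# {msg}")
        out.append(f"suppress gen_id {gid}, sig_id {sid}")
    return out


if __name__ == "__main__":
    print("\n".join(suppress_entries(SAMPLE_RULES)))
```

Passing a longer prefix, such as the full msg of one rule, narrows the list to that rule so the remaining stream rules keep alerting.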