Is there a reason my alerts always default to 7?
And I don't even know where to start here:
(https://i.ibb.co/pwZ7jBd/IDS1-Capture.png) (https://ibb.co/Kh7PxpW)
15 to 21 of 89 of nothing?
Maybe start with the version you are currently running.
Cheers,
Franco
Versions:
OPNsense 21.1.8_1-amd64
FreeBSD 12.1-RELEASE-p19-HBSD
OpenSSL 1.1.1k 25 Mar 2021
Here is the default view of alerts:
(https://i.ibb.co/zfscf3m/ids3-Capture.png) (https://ibb.co/0JqNJ0n)
But if you increase the view to 100:
(https://i.ibb.co/9H9Hvf8/ids4-Capture.png) (https://ibb.co/VYWYNhj)
which is a few more than 7!
Does it work like this for everyone? It defaults to 7 and miscounts the pages on two different CPUs and does so on a fresh install. It seems to work at blocking what it's supposed to, so I can't complain really. But odd...
I'm working on this, but on the dev track suricata version 6 has some issues that will get it stuck so I have to switch the testing machine... please sit tight :)
Cheers,
Franco
Seems it's in
https://github.com/opnsense/core/blob/376ee793c9a557f51baa95fb8af574c8209faeda/src/opnsense/scripts/suricata/queryAlertLog.py#L122
I'm not sure how it will affect performance if this is removed. 2500 lines works fine
This is still an issue with OPNsense 22.1.1_3-amd64.
Is there any plan to solve this?
Regards, Urmel