Print Page - ET Pro Telemetry edition is not working properly

Title: ET Pro Telemetry edition is not working properly
Post by: korea153 on December 11, 2023, 05:58:33 AM

https://docs.opnsense.org/manual/etpro_telemetry.html (https://docs.opnsense.org/manual/etpro_telemetry.html)

(https://i.imgur.com/FkJxgW5.png)

I installed the os-etpro-telemetry plugin, enabled and downloaded the ET Pro ruleset, and set up the token correctly.

I also configured the Intrusion Detection Policy.

The ET Pro Telemetry edition appears as enabled in the dashboard.

However, it fails to block most of the rules, such as those for Tor and Scanning, and there are no logs in the Intrusion Detection Alerts.

I'm wondering why ET Open is working fine, but the ET Pro Telemetry edition is not.

Title: Re: ET Pro Telemetry edition is not working properly
Post by: korea153 on December 11, 2023, 06:08:32 AM

Title: Re: ET Pro Telemetry edition is not working properly
Post by: doktornotor on December 20, 2023, 06:06:35 PM

I would hazard to say it's tuned to not flood clueless users with zillons of alerts and inexplicable blocks. More of useless noise != working better. Also, most of the rules are NOT set to block.

As for the heartbeats, there's something messed up/blocked on your end, works just fine here.

OPNsense Forum

English Forums => Intrusion Detection and Prevention => Topic started by: korea153 on December 11, 2023, 05:58:33 AM