OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: nycaleksey on October 27, 2017, 02:32:52 pm

Title: Packet captures in Suricata
Post by: nycaleksey on October 27, 2017, 02:32:52 pm
Hi,

I am running 17.7.7_1 with Suricata enabled; however, I can't find an option to capture the traffic that causes the alerts to be generated. Is this feature (saving packet captures of flagged traffic) supported in OPNsense or by Suricata in general? A lot of Suricata alerts are impossible to investigate without being able to review the PCAPs of the traffic.

Thank you,

Aleksey