OPNsense Forum

Archive => 18.1 Legacy Series => Topic started by: MakesSense on March 13, 2018, 10:47:10 am

Title: 18.1.4 IDS Alerts
Post by: MakesSense on March 13, 2018, 10:47:10 am
Don't know if this is the right section to drop this...

When I look at Alerts in the IDS section it always says:

'Showing 1 to 7'

no matter how many I've chosen to view. In the example attached there are 49 alerts being shown.
Title: Re: 18.1.4 IDS Alerts
Post by: dcol on March 13, 2018, 04:37:23 pm
I agree the hard-coded number '7' is annoying and should keep the number you selected in the drop down in a cookie or somewhere. Even if it was set to '25' that would be better. If you choose another number from the drop down and then hit search, it will display that number of entries.
Title: Re: 18.1.4 IDS Alerts
Post by: dcol on March 13, 2018, 05:12:05 pm
I stand corrected. The Suricata log no longer displays updates as of OPNsense 18.1.4.

As a matter of fact there seems to be a bug in the reporting of Suricata events now.
When I do an update here is what I get in the log
Also when I manually look at the log, nothing is there. It was not updated.
I think I will report this on GitHub.

[UPDATE]
And if you want to see the logged events in Suricata, check 'Enable syslog' in the IDS GUI

I really appreciate how quickly the devs respond to issues.