Hey folks,
Relatively new user to OPNsense + Suricata/IDS. Previously had an Asus router running third-party firmware, so have come across from the Linux side of the force, to BSD with this.
If I go to:
Services -> Intrusion Detection -> Alerts
... I can see the most recent events, and there's a search box.
One of the columns is "Action", and the vast bulk of entries I see are "Allowed". I wondered if there was a way to filter this list to show me what has been acted upon in some way besides "Allowed"?