Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
IDS Alerts can't count?
« previous
next »
Print
Pages: [
1
]
Author
Topic: IDS Alerts can't count? (Read 2869 times)
RadOD
Newbie
Posts: 10
Karma: 0
IDS Alerts can't count?
«
on:
July 08, 2021, 04:58:01 pm »
Is there a reason my alerts always default to 7?
And I don't even know where to start here:
15 to 21 of 89 of nothing?
Logged
franco
Administrator
Hero Member
Posts: 17657
Karma: 1611
Re: IDS Alerts can't count?
«
Reply #1 on:
July 08, 2021, 08:07:05 pm »
Maybe start with the version you are currently running.
Cheers,
Franco
Logged
RadOD
Newbie
Posts: 10
Karma: 0
Re: IDS Alerts can't count?
«
Reply #2 on:
July 09, 2021, 12:47:18 am »
Versions:
Versions OPNsense 21.1.8_1-amd64
FreeBSD 12.1-RELEASE-p19-HBSD
OpenSSL 1.1.1k 25 Mar 2021
Here is default view of alerts:
2015 hyundai azera 0 60
But if you increase the view to 100:
flag for zimbabwe emoticons
which is a few more than7!
«
Last Edit: July 09, 2021, 12:57:50 am by RadOD
»
Logged
RadOD
Newbie
Posts: 10
Karma: 0
Re: IDS Alerts can't count?
«
Reply #3 on:
July 13, 2021, 01:18:47 am »
Does it work like this for everyone? It defaults to 7 and miscounts the pages on two different CPU's and does so on a fresh install. It seems to work at blocking what its supposed to, so I can't complain really. But odd...
Logged
franco
Administrator
Hero Member
Posts: 17657
Karma: 1611
Re: IDS Alerts can't count?
«
Reply #4 on:
July 13, 2021, 08:53:53 am »
I'm working on this, but on the dev track suricata version 6 has some issues that will get it stuck so I have to switch the testing machine... please sit tight
Cheers,
Franco
Logged
Fright
Hero Member
Posts: 1777
Karma: 164
Re: IDS Alerts can't count?
«
Reply #5 on:
July 13, 2021, 09:41:16 pm »
seems its in
https://github.com/opnsense/core/blob/376ee793c9a557f51baa95fb8af574c8209faeda/src/opnsense/scripts/suricata/queryAlertLog.py#L122
I'm not sure how it will affect performance if this is removed. 2500 lines works fine
«
Last Edit: July 13, 2021, 09:47:16 pm by Fright
»
Logged
urmel
Newbie
Posts: 19
Karma: 1
Re: IDS Alerts can't count?
«
Reply #6 on:
February 27, 2022, 08:09:26 pm »
This is still an issue with OPNsense 22.1.1_3-amd64.
Is there any plan to solve this ?
Regards, Urmel
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
IDS Alerts can't count?