Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Intrusion detection no longer showing alerts since last update
« previous
next »
Print
Pages: [
1
]
Author
Topic: Intrusion detection no longer showing alerts since last update (Read 3598 times)
kezman83
Newbie
Posts: 3
Karma: 0
Intrusion detection no longer showing alerts since last update
«
on:
April 14, 2019, 01:24:30 am »
Hi
Since the most recent update I am no longer seeing alerts being displayed in the alerts tab.
I can see the service is running and the the log file is being populated(Indicating the intrusion detection is working).
If this issue due to the update breaking something?
Logged
franco
Administrator
Hero Member
Posts: 17669
Karma: 1612
Re: Intrusion detection no longer showing alerts since last update
«
Reply #1 on:
April 14, 2019, 10:51:18 am »
I'm not sure why this needs repeating. Please provide version information: last good version, first bad version. "latest update" is loosely related in space and time.
Cheers,
Franco
Logged
kezman83
Newbie
Posts: 3
Karma: 0
Re: Intrusion detection no longer showing alerts since last update
«
Reply #2 on:
April 14, 2019, 12:36:19 pm »
Hi Franco
Apologies for being so vague in my post.
Last good version = 19.1.5
First bad version = 19.1.6
Thank you
Regards,
Alex
Logged
franco
Administrator
Hero Member
Posts: 17669
Karma: 1612
Re: Intrusion detection no longer showing alerts since last update
«
Reply #3 on:
April 20, 2019, 07:46:13 pm »
Hi Alex,
Depends a bit, there was a fix that mutes alerts that are not supposed to alert:
https://github.com/opnsense/core/issues/3386
And there's a small cleanup:
https://github.com/opnsense/core/commit/a0b3ddc57247
It is likely the first change which should be normal and the previous alerts were not meant to be shown at all. Does that make sense in your env?
Cheers,
Franco
Logged
kezman83
Newbie
Posts: 3
Karma: 0
Re: Intrusion detection no longer showing alerts since last update
«
Reply #4 on:
April 23, 2019, 05:03:41 am »
Hi Franco
Thanks for getting back to me, this looks like it makes sense.
An example of an alert the system was giving me is below(Could you confirm if this is an alert that should be muted).
Alert FILE-IDENTIFY MP4 file download request (This is set to drop).
Regards,
Alex
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Intrusion detection no longer showing alerts since last update