English Forums > Intrusion Detection and Prevention
ET Telemetry Edition having problems?
joeyboon:
@franco! Thanks for looking in to this! The issue seems to be resolved :) Thanks again!
JohnDoe17:
Well... the heartbeats work as I reported a few days ago, but the ET Pro Telemetry rules have *NOT* been updated since September 18th.
Neither the "Services > Intrusion Detection > Log File" nor the "System > Log Files > General" indicate there is any error downloading new rules. Frankly it just looks like they haven't updated them for a few days.
Is Proofpoint still supporting the "ET Pro Telemetry" edition rules?
Thanks.
JD17
Edit: Added the missing word "*NOT*" in the first sentence. It was kind of important, lol.
JohnDoe17:
Perhaps this has been resolved too...? I did get an updated set of rules on Monday - finally.
abulafia:
Maybe new problem: Since yesterday, my Suricata instance (on 21.7.3_3) no longer updates the rules - neither the cron job nor a manual "Download & update rules" does anything.
I added a few rule categories yesterday and "enabled" and "saved" them. Since then -> downloads don't work.
--
EDIT: The issue was the "OPNsense-App-detect/test" rule. Once I disabled that, the rules would download again.
Navigation
[0] Message Index
[*] Previous page
Go to full version