English Forums > Intrusion Detection and Prevention

ET Telemetry Edition having problems?

<< < (3/3)

joeyboon:
@franco! Thanks for looking in to this! The issue seems to be resolved :) Thanks again!

JohnDoe17:
Well... the heartbeats work as I reported a few days ago, but the ET Pro Telemetry rules have *NOT* been updated since September 18th.

Neither the "Services > Intrusion Detection > Log File" nor the "System > Log Files > General" indicate there is any error downloading new rules.  Frankly it just looks like they haven't updated them for a few days.

Is Proofpoint still supporting the "ET Pro Telemetry" edition rules?

Thanks.

JD17

Edit: Added the missing word "*NOT*" in the first sentence.  It was kind of important, lol.

JohnDoe17:
Perhaps this has been resolved too...?  I did get an updated set of rules on Monday - finally.

abulafia:
Maybe new problem: Since yesterday, my Suricata instance (on 21.7.3_3) no longer updates the rules - neither the cron job nor a manual "Download & update rules" does anything.

I added a few rule categories yesterday and "enabled" and "saved" them. Since then -> downloads don't work.

--

EDIT: The issue was the "OPNsense-App-detect/test" rule. Once I disabled that, the rules would download again.

Navigation

[0] Message Index

[*] Previous page

Go to full version