ET Pro Telemetry edition is not working properly

Started by korea153, December 11, 2023, 05:58:33 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
December 11, 2023, 05:58:33 AM Last Edit: December 11, 2023, 06:06:59 AM by korea153
https://docs.opnsense.org/manual/etpro_telemetry.html



I installed the os-etpro-telemetry plugin, enabled and downloaded the ET Pro ruleset, and set up the token correctly.

I also configured the Intrusion Detection Policy.

The ET Pro Telemetry edition appears as enabled in the dashboard.

However, it fails to block most of the rules, such as those for Tor and Scanning, and there are no logs in the Intrusion Detection Alerts.

I'm wondering why ET Open is working fine, but the ET Pro Telemetry edition is not.
December 11, 2023, 06:08:32 AM #1 Last Edit: December 11, 2023, 01:36:17 PM by korea153
.
December 20, 2023, 06:06:35 PM #2
I would hazard to say it's tuned to not flood clueless users with zillons of alerts and inexplicable blocks. More of useless noise != working better. Also, most of the rules are NOT set to block.

As for the heartbeats, there's something messed up/blocked on your end, works just fine here.
Print
Go Up Pages1
User actions