OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 17.7 Legacy Series »
  • Packet captures in Suricata
« previous next »
  • Print
Pages: [1]

Author Topic: Packet captures in Suricata  (Read 525 times)

nycaleksey

  • Newbie
  • *
  • Posts: 20
  • Karma: 2
    • View Profile
Packet captures in Suricata
« on: October 27, 2017, 02:32:52 pm »
Hi,

I am running 17.7.7_1 with Suricata enabled, however I can't find an option to capture the traffic that causes the alerts to be generated. Is this feature (saving packet captures of flagged traffic) supported in OPNSense or by Suricata in general? A lot of Suricata alerts are impossible to investigate without being able to review the PCAPs of the traffic.

Thank you,

Aleksey
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 17.7 Legacy Series »
  • Packet captures in Suricata
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2019 All rights reserved
  • SMF 2.0.15 | SMF © 2017, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2