Feature #1389: suppress by host - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #1389

open

suppress by host

Added by god lol about 9 years ago. Updated over 7 years ago.

Status:

New

Priority:

Normal

Assignee:

OISF Dev

Target version:

TBD

Effort:

Difficulty:

Label:

Description

From the rule description at https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Suricata_Rules and suppress example at https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Ignoring_Traffic it's unclear if it's possible to supress alert for particular hostname.

The problem is that rule description doese not mention "supress" at all, while the documentation on ignoring traffic is very brief and it's unclear how one could suppress alerts for the traffic going to (or from) my.host.com

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Feature #1389

suppress by host

Updated by god lol about 9 years ago

Updated by Victor Julien about 9 years ago

Updated by god lol about 9 years ago

Updated by Victor Julien almost 8 years ago

Updated by Andreas Herz over 7 years ago