Feature #1389: suppress by host - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #1389

open

suppress by host

Added by god lol almost 10 years ago. Updated about 8 years ago.

Status:

New

Priority:

Normal

Assignee:

OISF Dev

Target version:

TBD

Effort:

Difficulty:

Label:

Description

From the rule description at https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Suricata_Rules and suppress example at https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Ignoring_Traffic it's unclear if it's possible to supress alert for particular hostname.

The problem is that rule description doese not mention "supress" at all, while the documentation on ignoring traffic is very brief and it's unclear how one could suppress alerts for the traffic going to (or from) my.host.com

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Feature #1389

suppress by host

Updated by god lol over 9 years ago

Updated by Victor Julien over 9 years ago

Updated by god lol over 9 years ago

Updated by Victor Julien over 8 years ago

Updated by Andreas Herz about 8 years ago