Ofer Dagan
- Login: oferdagan
- Email: ofer.d@claroty.com
- Registered on: 09/26/2024
- Last sign in: 06/15/2025
Issues
open | closed | Total | |
---|---|---|---|
Assigned issues | 1 | 0 | 1 |
Reported issues | 5 | 1 | 6 |
Activity
06/25/2025
- 10:43 AM Suricata Feature #7786: Enhance --pcap-file-delete to Conditionally Delete PCAPs Based on Alerts
- I've opened a PR with the suggested solution - https://github.com/OISF/suricata/pull/13528
Let me know if you want m... - 06:52 AM Suricata Feature #7786: Enhance --pcap-file-delete to Conditionally Delete PCAPs Based on Alerts
- What do you mean with integrating with our @pcap-log@? It should have no affect on the @pcap-log@ output.
Each packe...
06/24/2025
- 10:26 AM Suricata Feature #7786 (New): Enhance --pcap-file-delete to Conditionally Delete PCAPs Based on Alerts
- Hello Suricata Team,
I would like to suggest a new feature that enhances the functionality of the `--pcap-file-del... - 08:53 AM Suricata Feature #7785: pcap-log: support packet context for conditional alerts
- Sadly I must discard this approach for our use case because of a bigger issue with the pcap-log feature. It appears t...
06/23/2025
- 10:06 AM Suricata Feature #7785: pcap-log: support packet context for conditional alerts
- Thanks for the quick response!
> But there is a known and sadly common case where this is happening: if you have s...
06/22/2025
- 01:43 PM Suricata Feature #7785 (New): pcap-log: support packet context for conditional alerts
- Hi all,
Currently the pcap-log feature, when configured with `conditional: alerts`, only records the "golden packe...
06/15/2025
- 11:14 AM Suricata Bug #5255: Reported pcap_filename in alerts are not correct
- Hi,
I can confirm that this still happens with suricata 7.0.10. Are there any plans on fixing this?
04/10/2025
- 06:21 AM Suricata Feature #7655 (New): Allow using flow id in pcap log file name
- Hi all,
*The Problem*
The issue I'm trying to solve is correlating between an alert and the pcap log it creates i...
01/16/2025
- 10:09 AM Suricata Bug #7497 (New): pcap: exit with errors when running with -r and --pcap-file-continuous
- Hi,
I'm trying to run suricata as follows:...
10/06/2024
- 06:35 AM Suricata Support #7282: Allow access suricata command unix socket with lower permissions
- Thank you for the response. I'll try to find solutions in the forum :)
Also available in: Atom