Ofer Dagan
- Login: oferdagan
- Email: ofer.d@claroty.com
- Registered on: 09/26/2024
- Last sign in: 06/15/2025
Issues
open | closed | Total | |
---|---|---|---|
Assigned issues | 1 | 0 | 1 |
Reported issues | 5 | 1 | 6 |
Activity
06/24/2025
- 10:26 AM Suricata Feature #7786 (New): Enhance --pcap-file-delete to Conditionally Delete PCAPs Based on Alerts
- Hello Suricata Team,
I would like to suggest a new feature that enhances the functionality of the `--pcap-file-del... - 08:53 AM Suricata Feature #7785: pcap-log: support packet context for conditional alerts
- Sadly I must discard this approach for our use case because of a bigger issue with the pcap-log feature. It appears t...
06/23/2025
- 10:06 AM Suricata Feature #7785: pcap-log: support packet context for conditional alerts
- Thanks for the quick response!
> But there is a known and sadly common case where this is happening: if you have s...
06/22/2025
- 01:43 PM Suricata Feature #7785 (New): pcap-log: support packet context for conditional alerts
- Hi all,
Currently the pcap-log feature, when configured with `conditional: alerts`, only records the "golden packe...
06/15/2025
- 11:14 AM Suricata Bug #5255: Reported pcap_filename in alerts are not correct
- Hi,
I can confirm that this still happens with suricata 7.0.10. Are there any plans on fixing this?
04/10/2025
- 06:21 AM Suricata Feature #7655 (New): Allow using flow id in pcap log file name
- Hi all,
*The Problem*
The issue I'm trying to solve is correlating between an alert and the pcap log it creates i...
01/16/2025
- 10:09 AM Suricata Bug #7497 (New): pcap: exit with errors when running with -r and --pcap-file-continuous
- Hi,
I'm trying to run suricata as follows:...
10/06/2024
- 06:35 AM Suricata Support #7282: Allow access suricata command unix socket with lower permissions
- Thank you for the response. I'll try to find solutions in the forum :)
- 06:33 AM Suricata Feature #7283: installing suricatasc functionality without installing suricata entirely
- Thank you for the response.
In general, is this discouraged to use suricatasc? Will this functionality be removed at...
09/26/2024
- 03:10 PM Suricata Feature #7283 (New): installing suricatasc functionality without installing suricata entirely
- Hi,
We have a use case when we communicate with suricata that's in a container over the command unix socket.
We wo...
Also available in: Atom