General

Profile

Ofer Dagan

  • Login: oferdagan
  • Email: ofer.d@claroty.com
  • Registered on: 09/26/2024
  • Last sign in: 06/15/2025

Issues

open closed Total
Assigned issues 1 0 1
Reported issues 5 1 6

Activity

06/25/2025

10:43 AM Suricata Feature #7786: Enhance --pcap-file-delete to Conditionally Delete PCAPs Based on Alerts
I've opened a PR with the suggested solution - https://github.com/OISF/suricata/pull/13528
Let me know if you want m... Ofer Dagan
06:52 AM Suricata Feature #7786: Enhance --pcap-file-delete to Conditionally Delete PCAPs Based on Alerts
What do you mean with integrating with our @pcap-log@? It should have no affect on the @pcap-log@ output.
Each packe... Ofer Dagan

06/24/2025

10:26 AM Suricata Feature #7786 (New): Enhance --pcap-file-delete to Conditionally Delete PCAPs Based on Alerts
Hello Suricata Team,
I would like to suggest a new feature that enhances the functionality of the `--pcap-file-del... Ofer Dagan
08:53 AM Suricata Feature #7785: pcap-log: support packet context for conditional alerts
Sadly I must discard this approach for our use case because of a bigger issue with the pcap-log feature. It appears t... Ofer Dagan

06/23/2025

10:06 AM Suricata Feature #7785: pcap-log: support packet context for conditional alerts
Thanks for the quick response!
> But there is a known and sadly common case where this is happening: if you have s... Ofer Dagan

06/22/2025

01:43 PM Suricata Feature #7785 (New): pcap-log: support packet context for conditional alerts
Hi all,
Currently the pcap-log feature, when configured with `conditional: alerts`, only records the "golden packe... Ofer Dagan

06/15/2025

11:14 AM Suricata Bug #5255: Reported pcap_filename in alerts are not correct
Hi,
I can confirm that this still happens with suricata 7.0.10. Are there any plans on fixing this? Ofer Dagan

04/10/2025

06:21 AM Suricata Feature #7655 (New): Allow using flow id in pcap log file name
Hi all,
*The Problem*
The issue I'm trying to solve is correlating between an alert and the pcap log it creates i... Ofer Dagan

01/16/2025

10:09 AM Suricata Bug #7497 (New): pcap: exit with errors when running with -r and --pcap-file-continuous
Hi,
I'm trying to run suricata as follows:... Ofer Dagan

10/06/2024

06:35 AM Suricata Support #7282: Allow access suricata command unix socket with lower permissions
Thank you for the response. I'll try to find solutions in the forum :) Ofer Dagan

Also available in: Atom