view release on metacpan or  search on metacpan

README.md  view on Meta::CPAN

      version: 2
      enabled: yes
      dir: /var/log/suricata/files
      write-fileinfo: yes
      stream-depth: 0
      force-hash: [sha1, md5]
      xff:
        enabled: no
        mode: extra-data
        deployment: reverse
        header: X-Forwarded-For
```

### CAPE::Utils

The default config file is '/usr/local/etc/cape_utils.ini'.

The defaults are as below, which out of the box, it will work by
default with CAPEv2 in it's default config.

```

src_bin/suricata_extract_submit  view on Meta::CPAN

          version: 2
          enabled: yes
          dir: /var/log/suricata/files
          write-fileinfo: yes
          stream-depth: 0
          force-hash: [sha1, md5]
          xff:
            enabled: no
            mode: extra-data
            deployment: reverse
            header: X-Forwarded-For

The force-hash values are optional as this script will automatically compute
those for inclusion as well SHA256.

This will use `/var/run/suricata_extract_submit.pid` as a PID file
to ensure only a single instance is running.

May be checked to see if it has hung like below. Below will alert if a PID
file with a M time of older than 5 minutes.