CAPE-Utils
```
version: 2
enabled: yes
dir: /var/log/suricata/files
write-fileinfo: yes
stream-depth: 0
force-hash: [sha1, md5]
xff:
  enabled: no
  mode: extra-data
  deployment: reverse
  header: X-Forwarded-For
```

### CAPE::Utils

The default config file is '/usr/local/etc/cape_utils.ini'.

The defaults are as below; out of the box, they work with CAPEv2 in its default config.
src_bin/suricata_extract_submit

```
version: 2
enabled: yes
dir: /var/log/suricata/files
write-fileinfo: yes
stream-depth: 0
force-hash: [sha1, md5]
xff:
  enabled: no
  mode: extra-data
  deployment: reverse
  header: X-Forwarded-For
```

The force-hash values are optional, as this script automatically computes
those hashes for inclusion, as well as SHA256.
This will use `/var/run/suricata_extract_submit.pid` as a PID file
to ensure only a single instance is running.
The PID file may be checked to see whether the script has hung, like below. The below will alert if the PID
file has an mtime older than 5 minutes.