Ixchel


share/templates/suricata_outputs.tt  view on Meta::CPAN

  # EVE alert output with filetype syslog. This stanza is switched off
  # (enabled: no).
  - eve-log:
      enabled: no
      filetype: syslog
      # Do not add the input pcap file name to events.
      pcap-file: false
      # Community ID flow hashing is off, so events carry no community_id value
      # for correlating the same flow across other network sensors.
      community-id: false
      community-id-seed: 0
      # X-Forwarded-For handling. extra-data adds the header's address as an
      # additional field and leaves the observed addresses untouched;
      # deployment: reverse is the setting for a sensor behind a reverse proxy.
      # NOTE(review): X-Forwarded-For is client-supplied unless a trusted proxy
      # sets or sanitises it; treat the logged value as unverified in triage.
      xff:
        enabled: yes
        mode: extra-data
        deployment: reverse
        header: X-Forwarded-For
      types:
        - alert:
            # Payload, raw packet and HTTP body are copied into each alert
            # record (payload capped at 64kb). These fields can hold
            # credentials, session tokens and personal data, so the log
            # destination needs the same access control as a packet capture.
            # NOTE(review): records of this size may be truncated by the
            # syslog daemon's message size limit; confirm before enabling.
            payload: yes
            payload-buffer-size: 64kb
            packet: yes
            http-body: yes
            # The printable rendering of the HTTP body is not logged.
            http-body-printable: no
            # Log packets tagged by rules that use the tag keyword.
            tagged-packets: yes
            metadata:
              app-layer: true

share/templates/suricata_outputs.tt  view on Meta::CPAN

  # EVE HTTP transaction output sent to syslog with identity suricata-http,
  # facility local5, level Info.
  - eve-log:
      enabled: yes
      filetype: syslog
      identity: suricata-http
      facility: local5
      level: Info
      # X-Forwarded-For address is logged as an extra field (extra-data);
      # the observed source/destination addresses are not rewritten.
      # NOTE(review): the header is only trustworthy when a proxy you control
      # sets it; treat the value as unverified when attributing traffic.
      xff:
        enabled: yes
        mode: extra-data
        deployment: reverse
        header: X-Forwarded-For
      pcap-file: false
      # Community ID is off; no community_id value is added for cross-tool
      # flow correlation.
      community-id: false
      community-id-seed: 0
      types:
        - http:
            extended: yes
            # both = every request and response header is logged. That
            # includes Authorization, Cookie and Set-Cookie values, so the
            # syslog receiver and any downstream store hold live secrets and
            # must be access-restricted.
            # NOTE(review): large header sets may exceed the syslog daemon's
            # message size limit; confirm records arrive intact.
            dump-all-headers: both
  - eve-log:
      enabled: yes
      filetype: syslog

share/templates/suricata_outputs.tt  view on Meta::CPAN

      version: 2
      enabled: yes
      dir: /var/log/suricata/files
      write-fileinfo: yes
      stream-depth: 0
      force-hash: [sha1, md5]
      xff:
        enabled: no
        mode: extra-data
        deployment: reverse
        header: X-Forwarded-For
[% END %]

##
## regular files
##
  # EVE alert output written to a regular file.
  - eve-log:
      # NOTE(review): 'yes' is quoted here and on packet below but bare on the
      # other keys; presumably equivalent for Suricata, confirm and unify.
      enabled: 'yes'
      filetype: regular
      # The file name embeds the template variable vars.instance_part,
      # presumably so each Suricata instance writes its own alert file;
      # verify against the code that fills in the template variables.
      filename: /var/log/suricata/alert[% vars.instance_part %].json
      # Do not add the input pcap file name to events.
      pcap-file: false
      # Community ID is off; no community_id value is added for cross-tool
      # flow correlation.
      community-id: false
      community-id-seed: 0
      # X-Forwarded-For address is logged as an extra field (extra-data);
      # the observed source/destination addresses are not rewritten.
      # NOTE(review): the header is client-supplied unless a trusted proxy
      # sets or sanitises it; treat the logged value as unverified.
      xff:
        enabled: yes
        mode: extra-data
        deployment: reverse
        header: X-Forwarded-For
      types:
        - alert:
            # Payload, raw packet and HTTP body are copied into each alert
            # record (payload capped at 64kb). The resulting file can hold
            # credentials, session tokens and personal data; restrict read
            # access to it and to anything that ships or rotates it.
            payload: yes
            payload-buffer-size: 64kb
            packet: 'yes'
            http-body: yes
            # The printable rendering of the HTTP body is not logged.
            http-body-printable: no
            # Log packets tagged by rules that use the tag keyword.
            tagged-packets: yes
            metadata:
              app-layer: true

share/templates/suricata_outputs.tt  view on Meta::CPAN

            force-magic: yes
            force-hash: [md5]
  # EVE HTTP transaction output written to a regular file under
  # /var/log/suricata/flows/current/.
  - eve-log:
      enabled: yes
      filetype: regular
      filename: /var/log/suricata/flows/current/http.json
      # X-Forwarded-For address is logged as an extra field (extra-data);
      # the observed source/destination addresses are not rewritten.
      # NOTE(review): the header is only trustworthy when a proxy you control
      # sets it; treat the value as unverified when attributing traffic.
      xff:
        enabled: yes
        mode: extra-data
        deployment: reverse
        header: X-Forwarded-For
      pcap-file: false
      # Community ID is off; no community_id value is added for cross-tool
      # flow correlation.
      community-id: false
      community-id-seed: 0
      types:
        - http:
            extended: yes
            # both = every request and response header is logged. That
            # includes Authorization, Cookie and Set-Cookie values, so this
            # file holds live secrets; restrict read access to it and to any
            # pipeline that forwards it.
            dump-all-headers: both
  - eve-log:
      enabled: yes
      filetype: regular


