AniNIX
/
Ubiqtorate
1
0
Fork 0
Code Issues 16 Pull Requests Projects 1 Releases Wiki Activity

Sunset suricata for zeek #14

New Issue
Open
opened 2020-09-14 20:13:33 -05:00 by DarkFeather · 1 comment
DarkFeather commented 2020-09-14 20:13:33 -05:00
Owner

Behavioral detection may be more reliable than signature, simply because signatures fall out of date or are written poorly.

Might be a good idea to file zeek directly into Graylog for AniNIX/Sharingan, rather than slurping Suricata's fast.log.

Behavioral detection may be more reliable than signature, simply because signatures fall out of date or are written poorly. Might be a good idea to file zeek directly into Graylog for AniNIX/Sharingan, rather than slurping Suricata's fast.log. * https://docs.zeek.org/en/current/examples/scripting/index.html#custom-logging * https://marketplace.graylog.org/addons/5e6cf3c6-7bdc-4a2c-bdca-441407e4a016
DarkFeather added the
On-hold
 label 2022-05-04 06:55:26 -05:00
DarkFeather commented 2022-05-04 06:56:15 -05:00
Poster
Owner

So far, zeek has failed in maat.aninix.net -- it causes OOM issues. We'll stick with suricata until we have time to revisit this.

So far, zeek has failed in maat.aninix.net -- it causes OOM issues. We'll stick with suricata until we have time to revisit this.
DarkFeather added this to the Kanban project 2022-08-04 00:40:39 -05:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
main
0.0
Labels
Clear labels   
Blocked

There are functional or technical reasons this can't be implemented yet   
Duplicate

Another issue or PR already describes this issue   
On-hold

Evaluated but not enough resources to complete now   
Peer-review

Being reviewed for quality prior to merge   
RFC

More information and feedback is needed   
Wontfix

Not a bug -- way it works
No Label
Blocked
Duplicate
On-hold
Peer-review
RFC
Wontfix
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Kanban
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: AniNIX/Ubiqtorate#14
There is no content yet.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may exist for a short time before cleaning up, in most cases it CANNOT be undone. Continue?