Squert Signature Info doesn't match the right source
33 views
Skip to first unread message
sfritzke
Jul 3, 2016, 1:55:22 PM7/3/16
to security-onion
Hi,
last week I noticed, that the signature info doesn't match the right source.
For example, if I have an event with sid 18214 from OSSEC, squert shows me the signature info with the same id 18214 but from another source (Snort).
For more details see attachment.
Thanks,
Suzan
Doug Burks
Jul 4, 2016, 10:57:35 AM7/4/16
to securit...@googlegroups.com
Hi Suzan,
I've created Issue 958 for this:
https://github.com/Security-Onion-Solutions/security-onion/issues/958
> --
> Follow Security Onion on Twitter!
> https://twitter.com/securityonion
> ---
> You received this message because you are subscribed to the Google Groups "security-onion" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to security-onio...@googlegroups.com.
> To post to this group, send email to securit...@googlegroups.com.
> Visit this group at https://groups.google.com/group/security-onion.
> For more options, visit https://groups.google.com/d/optout.
--
Doug Burks
I've created Issue 958 for this:
https://github.com/Security-Onion-Solutions/security-onion/issues/958
> Follow Security Onion on Twitter!
> https://twitter.com/securityonion
> ---
> You received this message because you are subscribed to the Google Groups "security-onion" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to security-onio...@googlegroups.com.
> To post to this group, send email to securit...@googlegroups.com.
> Visit this group at https://groups.google.com/group/security-onion.
> For more options, visit https://groups.google.com/d/optout.
--
Doug Burks
Reply all
Reply to author
Forward
0 new messages