Alert according to the triggered rules

23 views
Skip to first unread message

Serhii Kovalenko

unread,
Jul 20, 2021, 11:18:06 AM7/20/21
to SELKS
Hello, I have a question

How appears the warning according to the triggered rules in Suricata and how to act in the event of such alert?

Thanks for prompt respond.

Regards,
Serge

Peter Manev

unread,
Jul 20, 2021, 11:39:45 AM7/20/21
to Serhii Kovalenko, SELKS
Hi,

Thank you for trying out SELKS.
If i understand you correctly - the alerts are generated based on
rules. There are plenty of rule sources, some of those are free/open
like ETOpen (emerging threats) for example.
Acting on alert may largely depend on your environment or experience.
Is there anything in specific you have in mind?

Thank you
> --
> IRC: Let's talk about SELKS on Freenode IRC on the #SELKS channel
> Wiki: https://github.com/StamusNetworks/SELKS/wiki
> GitHub: https://github.com/StamusNetworks/SELKS
> Blog: https://www.stamus-networks.com/theblog/
> Twitter: @StamusN
> g+: Stamus Networks
> ---
> You received this message because you are subscribed to the Google Groups "SELKS" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to selks+un...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/selks/08909d1d-c690-4c84-af8b-ce5ecd678366n%40googlegroups.com.



--
Regards,
Peter Manev
Reply all
Reply to author
Forward
0 new messages