aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

eve/logging: disable anomaly logging by default

Browse Source 
Disable anomaly logging by default. Networks with excessive issues may
experience packet processing degradation.
pull/3836/head
Jeff Lucovsky 6 years ago committed by Victor Julien
parent b6b7778e2d
commit cc492c50c8
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File

8
suricata.yaml.in
Unescape Escape View File

@ -154,7 +154,13 @@ outputs:
# Enable the logging of tagged packets for rules using the # Enable the logging of tagged packets for rules using the
# "tag" keyword. # "tag" keyword.
tagged-packets: yes tagged-packets: yes
- anomaly: #- anomaly:
# Anomaly log records describe unexpected conditions such as truncated packets, packets with invalid
# IP/UDP/TCP length values, and other events that render the packet invalid for further processing
# or describe unexpected behavior on an established stream. Networks which experience high
# occurrences of anomalies may experience packet processing degradation.
# Enable dumping of packet header
# packethdr: no # enable dumping of packet header # packethdr: no # enable dumping of packet header
- http: - http:
extended: yes # enable this for extended logging information extended: yes # enable this for extended logging information

Write Preview
Loading…
Cancel
Save