-v

Increase the verbosity of the Suricata application logging by increasing the log level from the default. Can be passed multiple times to further increase the verbosity.

This option will not decrease the log level set in the configuration file if it is already more verbose than the level

-r

Run in pcap offline mode (replay mode) reading files from pcap file. If the path specifies a directory, all files in that directory will be processed in order of modified time maintaining flow state between files.

--pcap-file-continuous

Used with the -r option to indicate that the mode should stay alive until

This is useful with directories to add new files and not reset flow state between files.

--pcap-file-recursive

Used with the -r option when the path provided is a directory. This option enables recursive traversal into subdirectories to a maximum depth of 255. This option cannot be combined with --pcap-file-continuous.

--pcap-file-delete

Used with the -r option to indicate that the mode should delete pcap files after they have been processed. This is useful with pcap-file-continuous to continuously feed files to a directory and have them cleaned up when done. If this option is not set, pcap files will not be deleted after processing.

-i

After the -i option you can enter the interface card you would like

This option will try to use the best capture method available.

Can be used several times to sniff packets from

--pcap

provided in the pcap section of the configuration file will be

--af-packet

Enable capture of packet using AF_PACKET on Linux.

supplied, the list of devices from the af-packet section in the

-q

Run inline of the NFQUEUE queue ID provided.

-s

With the -s option you can set a file with signatures, which will be loaded together with the rules set in the yaml.

-S

With the -S option you can set a file with signatures, which will be loaded exclusively, regardless of the rules set in the yaml.

-l

With the -l option you can set the default log directory.