[Bro] Intel alerts not showing up in the notice log
Mike Dopheide
dopheide at gmail.com
Tue May 2 14:06:37 PDT 2017
I haven't read the whole thread, but you may need:
@load policy/frameworks/intel/do_notice
As well as have "meta.do_notice" set to T in your .dat files.
-Dop
On Tue, May 2, 2017 at 3:36 PM, Dave Florek <dave.a.florek at gmail.com> wrote:
> Good afternoon,
>
> Was there a resolution to this thread? I'm having the same issue on a
> default build and I'm not sure where to start.
>
> http://mailman.icsi.berkeley.edu/pipermail/bro/2014-May/006940.html
>
> Thanks,
>
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170502/1a5c28a9/attachment.html
More information about the Bro
mailing list