You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi SO Team.
Do you have plans for implementing the possibility to tune by DNS names rather than just ip's?.
i know theres Suricata variables, but sometimes it just doens't get the job done.
i could filter out an alarm from a user which is working with something that might look sus, but i know its a falsepositive.
and when that ip gets released and another gets the ip eventually, its all over again with the tuning, as the user gets a new ip?
you support reverse-lookup which is nice, but would be cool if this was a feature.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Hi SO Team.
Do you have plans for implementing the possibility to tune by DNS names rather than just ip's?.
i know theres Suricata variables, but sometimes it just doens't get the job done.
i could filter out an alarm from a user which is working with something that might look sus, but i know its a falsepositive.
and when that ip gets released and another gets the ip eventually, its all over again with the tuning, as the user gets a new ip?
you support reverse-lookup which is nice, but would be cool if this was a feature.
Beta Was this translation helpful? Give feedback.
All reactions