What am I doing wrong? #14931
Unanswered
jpancrazio
asked this question in
2.4
What am I doing wrong?
#14931
Replies: 1 comment
-
|
|
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Version
2.4.160
Installation Method
Security Onion ISO image
Description
other (please provide detail below)
Installation Type
Standalone
Location
on-prem with Internet access
Hardware Specs
Exceeds minimum requirements
CPU
6
RAM
24G
Storage for /
163GB
Storage for /nsm
1.5TB
Network Traffic Collection
span port
Network Traffic Speeds
1Gbps to 10Gbps
Status
Yes, all services on all nodes are running OK
Salt Status
No, there are no failures
Logs
No, there are no additional clues
Detail
I believe this doesnt break guidelines, I have attached a screenshot of the issue . I have a rule 2063117 ( Abused Hosting Domain in DNS Lookup (azurewebsites .net) ) that I disabled as we use things in this domain, so it is noise .I disabled it in tunning but still firing LOTS of alerts, What am I doing wrong?
onprem-so-issue.rtf
Guidelines
Beta Was this translation helpful? Give feedback.
All reactions