BPF Rules #1910
Replies: 2 comments 2 replies
-
|
Not sure on the pasting, but check your yaml formatting: |
Beta Was this translation helpful? Give feedback.
-
|
Sorry, yes the paste wasn't great, I have it exactly as you wrote it.
Same error when I try to apply it. |
Beta Was this translation helpful? Give feedback.
-
|
If this is a distributed deployment, try running |
Beta Was this translation helpful? Give feedback.
-
|
Thanks! That command seems to have worked. Thank you for taking the time! |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Hi:
I am new to Security Onion but really appreciate what I have seen so far! I am having one strange issue though. I am trying to apply a BPF rule. I added...
nids:
bpf:
- not host 10.10.41.136
...to the bottom of the global.sls file as a test as it is the exact syntax from the documentation on the readthedocs site. When I run...
sudo salt-call state.apply suricata
...I get the error...
ID: suribpfcompilationfailure
Function: test.configurable_test_state
Result: False
Comment: BPF Syntax Error - Discarding Specified BPF
Started: 13:28:59.758606
Duration: 4.333 ms
Changes:
If I remove the nids: section, the error goes away. Can you let me know what I am missing here? I feel like I am missing something simple but for the life of me I can't see what it is. Thanks!
Beta Was this translation helpful? Give feedback.
All reactions