Enabling Pcap based on source IP

Satyachaitanya_Immid (Satyachaitanya Immidisetti) January 6, 2021, 1:56pm 1

Is it something possible to perform PCap capture on Suricata based on S_IP = xxx.xxx.xx.xx.

syoc January 11, 2021, 3:22pm 2

It is not possible as far as I know.

Topic		Replies	Views	Activity
Suricata not detecting some packets in a pcap Help rules , suricata , pcaps	4	788	August 10, 2023
Feeding Suricata from a FIFO Pipe with PCAP Data Help suricata	1	83	July 31, 2024
Suricata 7.0.6 The data of pcap package cannot be obtained by HTTP,	2	27	October 9, 2024
How to log alert into a pcap Help	4	886	July 18, 2023
Feeding suricata with a pcap streaming? Help	2	841	May 1, 2021