- 7.0.5_1
- OPNsense
- Believe it’s part of default OPNsense install.
I recently configured monit to notify me when Suricata has blocked something, with content = "blocked". Currently, I’m probably getting 10 to 20 messages per day, with almost all of them definitely false positives. I’ll share all of the different alerts I’m receiving on this thread. In the meantime, is there anything I should do to reduce the false positives?