add variable in vars section at suricata.yaml file and its work. But my main purpose is bypass youtube or twitter. I tried to add content:“youtube.com” but it didn’t log all packets. What should be the rule logging all youtube or twitter packets?
add variable in vars section at suricata.yaml file and its work. But my main purpose is bypass youtube or twitter. I tried to add content:“youtube.com” but it didn’t log all packets. What should be the rule logging all youtube or twitter packets?