Hi all,
Is there a tool to visualize the matches to a signature from a pcap file?
The pcap is sometimes very large and a tool to directly highlight what triggered the alarm would be very useful.
Thanks in advance.
Rudi
EveBox is a good place to start. It’s developed and maintained by @ish, who’s been a core member of the Suricata team for a while.
Thanks a lot Jeff.
Let’s investigate this.
Have a nice weekend.