Project

General

Profile

Actions

Support #3045

closed

How limiting the number of alerts in the fast.log

Added by Ivan Ivanov over 5 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Affected Versions:
Label:

Description

Could you please tell me how it is possible to set up Suricata, that only one alert on one pcap-file got into the fast.log, even if the rule worked on it several times. The goal is to apply this setting to all rules at the same time.

Actions

Also available in: Atom PDF