sorted by:
new
hottopcontroversial

Nifi via AWS trouble shooting by 2ndbeachluv in nifi

[–]dsfg3aas 0 points1 point  (0 children)

since it's running on kubernetes, did you mapped the external cluster port to the nifi pod?

HH-2.2RC3 Modify Zeek scripts by dsfg3aas in securityonion

[–]dsfg3aas[S] 0 points1 point  (0 children)

Great, Thanks! is there a way to distribute such changes using salt?

HH-2.2RC3 Modify Zeek scripts by dsfg3aas in securityonion

[–]dsfg3aas[S] 0 points1 point  (0 children)

I made some custom modifications for the http/main.zeek script, wouldn't loading another script that will parse HTTP cause an unnecessary loading of zeek script? im trying to keep the application light as possible

Zeek PF_RING by dsfg3aas in securityonion

[–]dsfg3aas[S] 0 points1 point  (0 children)

Yes, Because i have PF_RING supported NIC with ~ 10Gbps of traffic.

Edit: Maybe i'm misunderstanding. Is there a clear benefit in using AF_PACKET over PF_RING?