Miroslav Stampar

Results 205 comments of Miroslav Stampar

@theonlydoo can you please write down what was bothering you with it? maybe we could use your feedback to make it better

@Thanatermesis have you tried accessing the Maltrail server with path `/fail2ban`? for example, `:8338/fail2ban`?

![1](https://user-images.githubusercontent.com/921555/151966355-7631561e-b909-4b44-a183-1b198c24f74c.png)

---

Reference: https://github.com/stamparm/maltrail/blob/master/README.md#server

there was no need for closing it down :) this is a nice idea to have. though, as everything for free, i would hope that it wouldn't be abused (too...

p.s. this https://raw.githubusercontent.com/stamparm/aux/master/maltrail-static-trails.txt is updated every 24h with fresh trails. if you want a standalone solution, download it every day, and just do a search on it

1) Currently there is no way to manually do it from user's perspective other than raw changes into that file
2) If you have some ideas that are interesting for...

Can you please give some example for such "static data resource"? I could make some feature for custom static trails, like where you could put `UA:` as a prefix to...

@sehot it goes like this. If used with default settings (particularly `CAPTURE_FILTER`) you won't have any problems processing that traffic, even on higher speeds. We are running it on some...

Currently not, but I would like to know the syslog format you (or other users) would like to support?

@xECK29x so, something like this would suffice?

```
Mar 16 16:43:10 sensor1 CEF:0|maltrail|sensor|0.10.115|2016-05-10|known attacker|10|src=10.0.0.192 spt=1234 dst=12.121.122.82 dpt=4123 proto=TCP
```

Basic implementation is done. Now you'll find inside the `maltrail.conf` the following NEW option:

```
# Remote address to send syslog entries
#SYSLOG_SERVER 192.168.2.107:514
```

Just uncomment it (`SYSLOG_SERVER`) and...