Administration¶
- Overview
- Authentication
- SCS settings
- Capture Settings
- Network Security Monitoring Settings
- Change NSM settings for a probe
- Enable or disable protocols for a probe
- Common settings for protocols
- Add custom or extended HTTP information
- Add custom or extended SMTP information
- Add custom DNS information
- Add packet data or payload to the alerts information
- File handling capabilities
- Enable or disable file extraction for a probe
- Add Hahsum, file magic or mimetype information
- Rule Activity for a probe
- Declarations of Compromise
- Declarations of Policy Violation
- Events Filtering
- File Extraction
- Conditional PCAP logging
- Global Configuration
- Network Definitions
- Probe Registration
- Probe Templates
- Stamus Loggers
- Run Your Own Defense (RYOD)
- Sources & Rulesets
- Splunk
- Suricata Sensors
- Threat Intelligence
- Webhooks
- External Links Templates