[netsa-tools-discuss] Pipeline Does Not Work
Daniel Ruef
druef at cert.org
Thu Aug 18 11:11:50 EDT 2016
Hi Lutfi,
I’m guessing that you are trying to use “pipeline.conf” as your configuration file that is supposed to contain FILTERS and EVALUATIONS. This file that is included with the pipeline distribution is supposed to be used as the daemon configuration file.
You can find some example configurations here: http://tools.netsa.cert.org/analysis-pipeline5/pipeline-examples.html
Or you can just try the following as the pipeline configuration file:
FILTER all
END FILTER
EVALUATION test
FILTER all
ALERT ALWAYS
ALERT EVERYTHING
CHECK EVERYTHING PASSES
END CHECK
END EVALUATION
Dan
From: netsa-tools-discuss-bounces+druef=cert.org at cert.org [mailto:netsa-tools-discuss-bounces+druef=cert.org at cert.org] On Behalf Of Lutfi Oduncuoglu
Sent: Thursday, August 18, 2016 10:07 AM
To: netsa-tools-discuss at cert.org
Subject: [netsa-tools-discuss] Pipeline Does Not Work
Hello,
I am a newbie on netsa tools. I just get up and running yaf and silk. Now I am trying to keep going with analysis pipeline.
I installed the pipeline as told in official document. But I am having too much parse error from the pipeline.conf file.
Even I set the enabled=YES gives the syntax error.
What may be the problem?
Regards,
Lutfi
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the netsa-tools-discuss
mailing list