Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Traditionally, Snort rules are based upon packet analysis. OpenAppID enables detection of applications/cloud applications on the network. This package provides OpenAppID and signature files used by OpenAppID to detect network traffic from certain applications can be used to identify rogue application use, detect malicious applications and implement various application policies, such as application blacklisting, limiting application usage, and enforcing conditional controls. To use, for example, edit /etc/snort/local.lua and add the following section at a minimum: appid = { app_detector_dir = '/usr/lib/openappid', log_stats = true, app_stats_period = 60, } Signed-off-by: John Audia <therealgraysky@proton.me>
- Loading branch information