DID YOU KNOW?
It's possible to enable or disable Suricata NIDS rules in Security Onion using regular expressions. If you want to turn off all of those ET INFO or TOR alerts, this is an easy way to do it. The best part is that the expression will also apply to matching rules that are added to the set in the future.
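
An added example, not part of the original tip and not Security Onion's own code: a Python dry run that lists which rules a candidate regular expression would disable before you apply it. The rules and SIDs are constructed, and it assumes the pattern is searched case-insensitively anywhere in the raw rule text, which you should confirm for the rule tool your Security Onion version uses.

```python
import re

# Constructed sample rules (not from any real ruleset); SIDs are made up.
SAMPLE_RULES = [
    'alert tcp any any -> any any (msg:"ET TOR Known Tor Exit Node Traffic group 1"; sid:9000001; rev:1;)',
    'alert http any any -> any any (msg:"ET INFO Observed DNS over HTTPS Domain"; sid:9000002; rev:1;)',
    'alert http any any -> any any (msg:"ET MALWARE Example Loader Directory Listing Checkin"; sid:9000003; rev:1;)',
    'alert tls any any -> any any (msg:"ET POLICY Remote Monitoring Tool TLS SNI"; sid:9000004; rev:1;)',
    # Stands in for a rule that arrives in a later ruleset update.
    'alert dns any any -> any any (msg:"ET INFO New Dynamic DNS Provider Lookup"; sid:9000005; rev:1;)',
]

SID_RE = re.compile(r'\bsid\s*:\s*(\d+)\s*;')
MSG_RE = re.compile(r'\bmsg\s*:\s*"([^"]*)"')


def preview(pattern, rules=SAMPLE_RULES, ignore_case=True):
    """Return {sid: msg} for every rule whose raw text matches the pattern."""
    # Assumption: the rule tool does a case-insensitive search over the raw rule.
    rx = re.compile(pattern, re.I if ignore_case else 0)
    hits = {}
    for line in rules:
        line = line.strip()
        if not line or line.startswith('#'):
            continue  # skip blanks and rules that are already commented out
        sid, msg = SID_RE.search(line), MSG_RE.search(line)
        if sid and rx.search(line):
            hits[int(sid.group(1))] = msg.group(1) if msg else ''
    return hits


def overmatches(broad, narrow, rules=SAMPLE_RULES):
    """SIDs the broad pattern would disable that the narrow one leaves enabled."""
    return sorted(set(preview(broad, rules)) - set(preview(narrow, rules)))


if __name__ == '__main__':
    for pat in ('TOR', r'msg:"ET TOR ', r'msg:"ET INFO '):
        print(pat, '->', preview(pat))
    # A bare "TOR" also hits "Directory" and "Monitoring"; anchor on the msg prefix.
    print('extra rules hit by bare TOR:', overmatches('TOR', r'msg:"ET TOR '))
```

Anchoring the pattern on the `msg:"ET TOR ` prefix keeps unrelated detections enabled while still catching rules of that category that arrive in later updates.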