FUN WITH LINUX

Suricata-Update: a smart update-script for suricata-rules

10 December 2017

Last week OISF announced a new tool called suricata-update. It’s a smart tool for updating suricata rules from remote sources like Emerging Threats. It works similarly to oinkmaster or pulledpork. The main advantage is that it works great with suricata, makes a backup of previous rulesets and tests the rules before applying them. Yesterday it reminded me about deprecated options in my suricata configuration because of the tests it runs (suricata -T).

Suricata-Update was a bit too chatty, so I contributed to the project and implemented a config-option for a custom user-agent-string.

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution 3.0 Unported License.

Copyright 2015-present Hoti