Last week OISF announced a new tool called suricata-update. It’s a smart tool for updating suricata rules from remote sources like Emerging Threats. It’s works similar to oinkmaster or pulledpork. The main advantage is that it works great with suricata, makes backup of previous rulesets and tests the rules before applying them. Yesterday it reminded me about deprecated options in my suricata-configuration because of the tests it runs(suricata -T).
Suricata-Update was a bit too chatty, so I contributed to the project and implemented a config-option for a custom user-agent-string.
