[Oisf-users] suricata.yaml
Victor Julien
victor at inliniac.net
Wed Oct 13 07:50:24 UTC 2010
Jason Ish wrote:
>> Coming to think of it, maybe it should be supported? Certainly makes it
>> easier for people who like to split their conf file
>
> Adding an include was on my mental to-do list. The other thing, which
> we had discussed sometime back was having an include statement right
> inside the rule files. That way suricata.yaml could just reference
> something like master.rules, and that would then include further
> rulesets. I had a need for that at one time, but not anymore.
I like this idea. It keeps suricata.yaml simple. It would allow ET even
to ship such a master.rules for their open and pro rulesets for example.
Same for VRT of course, if SF would be interested.
We could ship a master.rules to rule them all.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list