[Oisf-users] pcre keyword in rule for non-http traffic

[Matthew Keeler]

The Suricata user documentation has the pcre keyword in the HTTP-keywords article:

https://redmine.openinfosecfoundation.org/projects/suricata/wiki/HTTP-keywords

Does the keyword have to be used with only http traffic or can it be used with tcp/udp/ip types as well?

Matt Keeler--------------------------------------------------------------------
The information contained herein is for the exclusive use of the original recipient.  This information is granted for limited distribution within the recipient's organization for planning purposes only.  Further dissemination, whether private or public, is prohibited and may be covered under a non-disclosure agreement.