[Oisf-users] Suricata 1.4 Rule set up and update

Peter Manev petermanev at gmail.com
Wed Feb 6 07:50:47 UTC 2013


On Wed, Feb 6, 2013 at 8:36 AM, Jutaro Kajita <j.kajita at espeid.jp> wrote:

> I read through the online documentation of Suricata 1.4 on the OISF page but I
> couldn't find the actual article that deals with
> live rule hot swap previously dealt with in the 1.3 version.
>
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Live_Rule_Swap
You mean you couldn't find that article? Or is it something else you were
referring to?



> Is there any configuration in the suricata.yaml file or in oinkmaster.conf
> while I am using Oinkmaster as the rule manager?
> I couldn't renew the rule set after I started Suricata engine as
>
> $ suricata -c /etc/suricata/suricata.yaml -i <eth0> -D
>
> though I created an example ".rule" file in the rule directory and made a small
> change in the rule file.
>
> I think this means if I use Suricata as an IPS on a remote server, I won't
> get new rules to work because stopping Suricata means stopping queueing.
> Thanks in advance.



-- 
Regards,
Peter Manev