[Oisf-users] Want to input Cybox output (cyber observables) or OpenIOC (indicater) to Suricata
Duarte Silva
duarte.silva at serializing.me
Mon Sep 15 12:18:59 UTC 2014
On Monday 15 September 2014 16:39:46 Muhammad Asif Ihsan wrote:
> Hi,
>
>
>
> I am new to suricata users. I have question that can I input Cybox cyber
> observables or OpenIOC indicators to suricata so that suricata can use this
> input in its rules for identifying malicious traffic and activity. I am keen
> to hear from you. Thank you.
Hi Asif,
Suricata does not support those kind of files. The only choice would be to
convert those kind of files to Snort like rule files.
Cheers,
Duarte
More information about the Oisf-users
mailing list