[Oisf-users] Suricata rule/config errors
Russell Fulton
r.fulton at auckland.ac.nz
Mon Sep 15 19:43:00 UTC 2014
On 16/09/2014, at 1:50 am, Peter Manev <petermanev at gmail.com> wrote:
>
> Hi,
> I noticed that you have -
> Rules/raw/
>
> then you are also referring to -
> cat /home/sensors/dmzo/Rules/local.rules
>
> which leads me to the question if your rules directory is the same in
> suricata.yaml?
They are two different machines. I have a manager from which I download the tar balls once. Puppet then pushes these out to the sensors and triggers a run of pulledpork to produce the final ruleset which in turn triggers a reload of suricata.
I will however go back and double check everything again!
Russell
More information about the Oisf-users
mailing list