[Oisf-users] Suricata rule deployment

Cooper F. Nelson cnelson at ucsd.edu
Mon Jul 13 19:32:55 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yes, I would have a single 'master' sensor that downloads the rules and
manages them via oinkmaster.  I would then probably use something simple
like scp to copy the rules to all the other sensors and then issue a
rules reload with ssh.

You could also use nfs or sshfs and remotely mount the rules directory
from the master sensor.

- -Coop

On 7/13/2015 7:34 AM, Saxena, Samiksha wrote:
> Thanks Cooper for the reply.
> So, can I have one central server which can download all the rules every
> night from internet and push the rules to all suricata instances?
> 
> 


- -- 
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)

iQEcBAEBAgAGBQJVpBJnAAoJEKIFRYQsa8FWwMYH/RAw5MKcbUC/JVosxE+bxxq2
mSOQYtOrBBH2Zgn7qySbBCue+ME4auxC9Pa6MptOL4v2n16di9t7SB1whgZJMijN
2Y+MhUoeyvS8MW3ZjVH2oKanqI9N3yP5gND97KTGtalEqj3pTDPxSICfTXBoF4Jf
8or0I4QHsVmK1jTOATNsqCSfl0qZqC7AD9u9sFm68Mbt/EoyACqQ+iV2f3z8JUzg
r6lMa+Oh+csQYDKORkUytA0SFSMqnEBgrGkWe1deTtMs+EIYZD0nBc4jEJEtCGSL
PzxkrSPiHi4I4vdQzwvce5f/jR6N8Uvb9CZaGE/k70gkVoeEvIrfTJix6fNtpW4=
=c8Ck
-----END PGP SIGNATURE-----



More information about the Oisf-users mailing list