[Oisf-users] Suricata rule deployment
Alan Wanderley dos Santos
alan.santos at rnp.br
Tue Jul 14 12:35:14 UTC 2015
Hi,
I did a master server with a web gui interface. So, is possible deploy rules updates (.tar.gz files) on this web gui. The engines have a shell script that download and deploy on each suricata instance. We chose do that way because some reasons:
* We have some particulars rules and there are rules with "false positive" (i don't know with this is the better word).
* Make the deploy process user-friendly.
* We don't have control on suricata instances. Each admin have control (user-level) on your own instance.
Sorry for my english mistakes.
Best Regards,
-----------------------------------------------
Alan Santos
Analista de Segurança
Centro de Atendimento a Incidentes de Segurança (CAIS)
Rede Nacional de Ensino e Pesquisa (RNP)
(19) 3787-3314 | alan.santos at rnp.br
De: "Saxena, Samiksha" <samiksha.saxena at verizon.com>
Para: "oisf-users at lists.openinfosecfoundation.org" <oisf-users at lists.openinfosecfoundation.org>
Enviadas: Sexta-feira, 10 de julho de 2015 17:06:04
Assunto: [Oisf-users] Suricata rule deployment
Hi,
I have a question about Suricata rules push. I am thinking to use Okinmaster to install rules. Is there a way to have a centrailzed server to install all the rules and distribute to all the suricata instances?
Thanks
_______________________________________________
Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
Suricata User Conference November 4 & 5 in Barcelona: http://oisfevents.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20150714/93b18dfb/attachment-0002.html>
More information about the Oisf-users
mailing list