[Oisf-users] Automate Suricata.yaml file settings
David
lists at edeca.net
Thu Jun 11 22:38:30 UTC 2015
On 11/06/2015 18:43, Alan Wanderley dos Santos wrote:
> Anyway, we use our own scripts because we have specific networks on each
> instance, so, the HOME_NET (and others) variable is custom for each
> custumer. I think that is important for better assertiveness in matching
> rules.
You can roll out custom attributes with any configuration management system.
We use chef to distribute suricata configuration (and firewall, custom
services, etc). HOME_NET and various variables are set on a per-host
basis where required.
David
More information about the Oisf-users
mailing list