[Oisf-users] classifications/references/rules directly in suricata.yaml
elof2 at sentor.se
elof2 at sentor.se
Mon Mar 21 12:19:31 UTC 2016
What is the syntax if I want to put classifications/references/rules
directly in the suricata.yaml file?
Example:
If I comment out the reference-config-file and add references manually,
using the same syntax as in the file, suricata won't start.
#reference-config-file: /usr/local/etc/suricata/reference.config
config reference: bugtraq http://www.securityfocus.com/bid/
config reference: bid http://www.securityfocus.com/bid/
config reference: cve http://cve.mitre.org/cgi-bin/cvename.cgi?name=
...etc...
Configuration node 'config reference' redefined.
SC_ERR_CONF_YAML_ERRORESC - Failed to parse configuration file at line 1222: mapping values are not allowed in this context
So what should the yaml look like when adding classifications, references
or rules directly in suricata.yaml?
/Elof
More information about the Oisf-users
mailing list