[Oisf-users] Error trying to create basic rule
Jean Tourrilhes
jt at labs.hpe.com
Fri Sep 30 23:03:35 UTC 2016
On Sat, Oct 01, 2016 at 01:01:42AM +0200, Eric Leblond wrote:
> Hi,
>
> On Fri, 2016-09-30 at 15:59 -0700, Jean Tourrilhes wrote:
> > Hi,
> >
> > I've compiled suricate 3.1.2 on Debian, and I was trying to
> > install some very basic rule that I tested previously with snort. I'm
> > getting an error that I don't know how to fix...
> >
> > /etc/suricata/rules/local.rules :
> > -----------------------------------------------
> > alert icmp any any -> $HOME_NET any (msg:"ICMP test detected";
> > sid:1000001)
>
> you miss the semi comma ';' after sid.
Thanks a lot. I feel stupid :-(
Jean
More information about the Oisf-users
mailing list