[Oisf-users] Updating suricata rules
dev
devuan.2 at gmail.com
Wed Oct 25 19:52:02 UTC 2017
Hi,
I usually update my rules with oinkmaster. I am getting errors[1] today
because the "disablesid" lines in oinkmaster.conf are no longer in the
downloaded ruleset. I don't think Oinkmaster is a Suricata project
so I will forego asking about that here and rather ask:
What is the best way to stay current to update rules for Suricata?
Thanks
[1]
# oinkmaster -vC /etc/oinkmaster.conf -o /etc/suricata/rules
...
Processing downloaded rules...
disablesid 11, enablesid 0, modifysid 0, localsid 0, total rules 24093
WARNING: attempt to use "disablesid" on non-existent SID 2522828
...
WARNING: attempt to use "disablesid" on non-existent SID 2523106
WARNING: attempt to use "disablesid" on non-existent SID 2522234
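
The warnings in the message above mean that oinkmaster.conf still lists SIDs the downloaded ruleset no longer contains. The following is an added example, not part of the original post and not Oinkmaster's own code: it lists which "disablesid" entries have no matching rule, so they can be pruned from the config. The function names and the sample config and rule lines are constructed for illustration; only the three SIDs from the warnings come from the post.

```python
import re

# "disablesid 2522828" or "disablesid 2522828, 2523106  # comment"
DISABLE_RE = re.compile(r"^\s*disablesid\s+([^#]+)", re.IGNORECASE)
# Active or commented-out rule line; Oinkmaster tracks both kinds.
RULE_RE = re.compile(r"^\s*#*\s*(alert|drop|pass|reject|log)\s", re.IGNORECASE)
# The sid option inside a rule body, e.g. "sid:2522234;"
SID_RE = re.compile(r"\bsid\s*:\s*(\d+)\s*;")

# Constructed sample input (not real config or rule content).
SAMPLE_CONF = """\
# constructed oinkmaster.conf fragment
disablesid 2522828, 2523106   # SIDs from the warnings in the post
disablesid 2522234
disablesid 2100498
disablesid 2100499
"""
SAMPLE_RULES = """\
alert icmp any any -> any any (msg:"constructed sample A"; sid:2100498; rev:1;)
#alert tcp any any -> any any (msg:"constructed sample B"; sid:2100499; rev:1;)
"""

def disabled_sids(conf_text):
    """Collect every SID named on a disablesid line (comma-separated lists allowed)."""
    sids = set()
    for line in conf_text.splitlines():
        m = DISABLE_RE.match(line)
        if m:
            tokens = re.split(r"[,\s]+", m.group(1).strip())
            sids.update(int(t) for t in tokens if t.isdigit())
    return sids

def ruleset_sids(rules_text):
    """Collect the SID of every rule line, enabled or commented out."""
    sids = set()
    for line in rules_text.splitlines():
        if RULE_RE.match(line):
            m = SID_RE.search(line)
            if m:
                sids.add(int(m.group(1)))
    return sids

def stale_disablesid(conf_text, rules_text):
    """SIDs disabled in the config that no rule in the ruleset carries."""
    return sorted(disabled_sids(conf_text) - ruleset_sids(rules_text))

if __name__ == "__main__":
    # For real use, read oinkmaster.conf and the concatenated *.rules files instead.
    for sid in stale_disablesid(SAMPLE_CONF, SAMPLE_RULES):
        print(f"stale disablesid entry: {sid}")
```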