[Oisf-users] Suricata SM List?

Victor Julien lists at inliniac.net
Thu Oct 12 17:32:35 UTC 2017

On 12-10-17 15:42, secres at linuxmail.org wrote:
> I noticed an error recently in the output when running test.  I'm unsure
> of what the "sm list" is and it doesn't state which signature is
> throwing the error.  Anyone know what this is?
> <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - Unable to find the
> sm in any of the sm lists

This will be a bit tricky. If you can reduce the ruleset until you no
longer get the error it should (hopefully) give you a single rule or a
small set.

Maybe the first thing to try is to disable threshold.config entries.

You can also recompile with --enable-debug and then set a breakpoint on
the error message. Then you can find the signature id in the backtrace.

Victor Julien
PGP: http://www.inliniac.net/victorjulien.asc

More information about the Oisf-users mailing list