[Oisf-users] No rule files match the pattern
jt
jtfas90 at gmail.com
Wed Dec 18 12:59:12 UTC 2019
Hi Vieri,
Can you share the default-rule-path and rule-files sections of your
suricata.yaml?
Just out of curiosity:
How did you install suricata?
What OS are you running on?
How are you launching suricata?
Thanks
JT
On Tue, 2019-12-17 at 16:00 +0000, Vieri wrote:
> Hi,
>
> Just upgraded from 3.2.1 to 4.1.6.
>
> I'm getting this error:
>
> [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern
> /var/lib/suricata/rules/suricata.rules
>
> # head -n 1 /var/lib/suricata/rules/suricata.rules
> alert http any any -> any any (msg:"SURICATA TRAFFIC-ID: Debian APT-
> GET"; content:"debian.org"; http_host; content:"Debian APT";
> http_user_agent; flow:to_server,established;
> flowbits:set,traffic/id/debian-apt;
> flowbits:set,traffic/label/software-update; noalert; sid:300000000;)
>
> # ls -l /var/lib/suricata/rules/suricata.rules
> -rw-r--r-- 1 root root 15728516 Dec 17 16:29
> /var/lib/suricata/rules/suricata.rules
>
> I don't understand the errror message and how to fix it.
>
> Vieri
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support:
> http://suricata-ids.org/support/
> List:
> https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
> Conference: https://suricon.net
> Trainings: https://suricata-ids.org/training/
More information about the Oisf-users
mailing list