After upgrade OSSIM to 5.6.5 suricata custom rules doesn't work.
Configuration of suricata:
alienvault:/etc/suricata# cat suricata.yaml | grep rule-files
alienvault:/etc/suricata# cat rule-files.yaml | grep local
Examples of rules that don't work:
pass ip 192.168.1.1/32 any <> 192.168.1.2 161 (msg:"SNMP_App"; sid:60;)
pass ip 192.168.1.3/32 any <> 192.168.1.4 161 (msg:"SNMP_App"; sid:61;)
Does anybody have problems like this?
Before the update it worked