• Support
  • Forums
  • Blogs

Suricata custom rules

amatol15amatol15

New Life Form
+1
Hi

After upgrade OSSIM to 5.6.5 suricata custom rules doesn't work.

Configuration of suricata:
alienvault:/etc/suricata# cat suricata.yaml | grep rule-files
include: rule-files.yaml

alienvault:/etc/suricata# cat rule-files.yaml | grep local
- local.rules

Examples of rules that don't work:

pass ip 192.168.1.1/32 any <> 192.168.1.2    161 (msg:"SNMP_App"; sid:60;)
pass ip   192.168.1.3/32      any  <> 192.168.1.4  161   (msg:"SNMP_App"; sid:61;)

Does anybody have problems like this?
 Before the update it worked
Thanks







Share post:

Sign In or Register to comment.