Project

General

Profile

Actions
Copy link

Feature #1542

open
PM JI

dump-config - extend into multi-detect supplied yaml configuration

Feature #1542: dump-config - extend into multi-detect supplied yaml configuration

Added by Peter Manev over 10 years ago. Updated about 1 year ago.

Status:
Assigned
Priority:
Low
Assignee:
Jason Ish
Target version:
9.0.0-beta1
Effort:
Difficulty:
Label:

Description

It will be useful if "--dump-config" can extend and look into the supplied multi-detect yaml config parameters(homenet/ports/ref/classification...) . Currently it only shows the file "multi-detect.tenants.0.yaml" (example below)

multi-detect = (null)
multi-detect.enabled = yes
multi-detect.selector = vlan
multi-detect.loaders = 1
multi-detect.tenants = (null)
multi-detect.tenants.0 = tenant
multi-detect.tenants.0.tenant = 
multi-detect.tenants.0.id = 1
multi-detect.tenants.0.yaml = /etc/suricata/tenant-1111.yaml
multi-detect.mappings = (null)
multi-detect.mappings.0 = vlan
multi-detect.mappings.0.vlan = 
multi-detect.mappings.0.vlan-id = 1155
multi-detect.mappings.0.tenant-id = 1

I guess equally desirable would be to be able to override multi-detect supplied yaml config parameters on the command line as well (example):
--set "multi-detect.tenants.0.yaml.vars.address-groups.HOME_NET = [10.10.10.0/24]"

JI Updated by Jason Ish over 10 years ago Actions
Copy link
 #1

The main issue here, I think, is that the specified yaml file isn't included as part of the on start configuration initialization - its not handled directly by the configuration subsystem. I wonder if this could be modified to use YAML includes so its directly handled by the configuration loader?

That, or perhaps just moving the ConfDump() in suricata.c further down may do.

AH Updated by Andreas Herz over 10 years ago Actions
Copy link
 #2

  • Assignee set to OISF Dev
  • Target version set to TBD

VJ Updated by Victor Julien over 6 years ago Actions
Copy link
 #3

  • Target version changed from TBD to 6.0.0beta1

I think the last suggestion makes sense.

JI Updated by Jason Ish almost 6 years ago Actions
Copy link
 #4

  • Priority changed from Normal to Low

VJ Updated by Victor Julien almost 6 years ago Actions
Copy link
 #5

  • Status changed from New to Assigned
  • Assignee changed from OISF Dev to Jason Ish
  • Target version changed from 6.0.0beta1 to 7.0.0-beta1

VJ Updated by Victor Julien over 3 years ago Actions
Copy link
 #6

  • Target version changed from 7.0.0-beta1 to 7.0.0-rc1

VJ Updated by Victor Julien over 3 years ago Actions
Copy link
 #7

  • Target version changed from 7.0.0-rc1 to 8.0.0-beta1

VJ Updated by Victor Julien about 1 year ago Actions
Copy link
 #8

  • Target version changed from 8.0.0-beta1 to 9.0.0-beta1
Actions
Copy link

Also available in: PDF Atom