Feature #328

open

Traceability and QA with regards to rules loaded

Added by Peter Manev about 10 years ago. Updated about 2 years ago.

Status: Assigned
Priority: Normal
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

It would be nice if some sort of log file could be created in the designated log directory, which would hold all the rules that were successfully loaded during start up (and each time Suri is started/restarted), as well as the yaml and other conf files that were used at start time.

Thank you

Actions #1

Updated by Victor Julien about 10 years ago

  • Assignee set to OISF Dev

I agree that this would be useful. I think we could dump the rules in a single file, write a yaml and do the same for the reference, etc.

Actions #2

Updated by Victor Julien over 9 years ago

  • Target version set to TBD

Actions #3

Updated by Peter Manev over 9 years ago

Actually, I think this will be very useful with the live rule swap feature.

Actions #4

Updated by Peter Manev over 6 years ago

  • Subject changed from Traceability and QA to Traceability and QA with regards to rules loaded
  • Assignee changed from OISF Dev to Eric Leblond
  • Target version changed from TBD to 3.0RC2

Instead of dumping the loaded rules to a file, maybe we can consider a unix-socket command addition for that.

Actions #5

Updated by Victor Julien over 6 years ago

  • Target version changed from 3.0RC2 to TBD

Actions #6

Updated by Victor Julien almost 4 years ago

Related to this, I'm working on dumping the internal representation of rules to JSON at start up.

Actions #7

Updated by Peter Manev almost 4 years ago

Would that info also be updated/available upon rule reload?

Actions #8

Updated by Victor Julien over 3 years ago

  • Status changed from New to Resolved
  • Assignee changed from Eric Leblond to Victor Julien

Right now it overwrites the previously loaded set.

Actions #9

Updated by Victor Julien about 2 years ago

  • Status changed from Resolved to Assigned
  • Assignee changed from Victor Julien to Jeff Lucovsky

The rule dumping to json from the analyser is a big step towards this goal. It should probably be improved further and/or have the option to only print the rules, so w/o the analysis.
