Feature #328
openTraceability and QA with regards to rules loaded
Description
It would be nice if there could be created some sort of log file in the designated log directory - which would hold all the rules that were successfully loaded during start up (and each time Suri is started/restarted), the yaml and other conf files that were used during start time as well.
Thank you
Updated by Victor Julien over 12 years ago
- Assignee set to OISF Dev
I agree that this would be useful. I think we could dump the rules in a single file, write a yaml and do the same for the reference, etc...
Updated by Peter Manev almost 12 years ago
Actually,
I think this will be very useful with the live rule swap feature.
Updated by Peter Manev about 9 years ago
- Subject changed from Traceability and QA to Traceability and QA with regards to rules loaded
- Assignee changed from OISF Dev to Eric Leblond
- Target version changed from TBD to 3.0RC2
Instead of dumping the loaded rules to a file - maybe we can consider a unix-socket command addition for that.
Updated by Victor Julien almost 9 years ago
- Target version changed from 3.0RC2 to TBD
Updated by Victor Julien over 6 years ago
Related to this, I'm working on dumping the internal representation of rules to JSON at start up.
Updated by Peter Manev over 6 years ago
Would that info be also updated/available upon rule reload ?
Updated by Victor Julien almost 6 years ago
- Status changed from New to Resolved
- Assignee changed from Eric Leblond to Victor Julien
Right now it overwrites the previous loaded set.
Updated by Victor Julien over 4 years ago
- Status changed from Resolved to Assigned
- Assignee changed from Victor Julien to Jeff Lucovsky
The rule dumping to json from the analyser is a big step towards this goal. It should probably be improved further and/or have the option to only print the rules, so w/o the analysis.