Traceability and QA with regards to rules loaded
Added by Peter Manev over 11 years ago.
Updated over 3 years ago.
It would be nice if there could be created some sort of log file in the designated log directory - which would hold all the rules that were successfully loaded during start up (and each time Suri is started/restarted), the yaml and other conf files that were used during start time as well.
I agree that this would be useful. I think we could dump the rules in a single file, write a yaml and do the same for the reference, etc...
- Target version set to TBD
I think this will be very useful with the live rule swap feature.
- Subject changed from Traceability and QA to Traceability and QA with regards to rules loaded
- Assignee changed from OISF Dev to Eric Leblond
- Target version changed from TBD to 3.0RC2
Instead of dumping the loaded rules to a file - maybe we can consider a unix-socket command addition for that.
- Target version changed from 3.0RC2 to TBD
Related to this, I'm working on dumping the internal representation of rules to JSON at start up.
Would that info also be updated/available upon rule reload?
- Status changed from New to Resolved
- Assignee changed from Eric Leblond to Victor Julien
Right now it overwrites the previously loaded set.
- Status changed from Resolved to Assigned
- Assignee changed from Victor Julien to Jeff Lucovsky
The rule dumping to json from the analyser is a big step towards this goal. It should probably be improved further and/or have the option to only print the rules, so w/o the analysis.