Feature #3760
closed
Task #3759: datasets: finalize to move out of 'experimental'
datasets: distinguish between 'static' and 'dynamic' sets
Added by Victor Julien almost 4 years ago.
Updated over 3 years ago.
Description
A static set would be a set that is provided by an intel provider. It would not be changed by Suricata at runtime except for rule updates.
A dynamic set would provide features like storing the set to disk at shutdown, adding to the set from the rule language, etc.
- Target version set to 6.0.0beta1
- Status changed from New to Assigned
- Assignee set to Shivani Bhardwaj
We should probably add a keyword option to explicitly state if a set is dynamic or static, but we can also try to infer it. If the 'state' or 'save' options are used, it is dynamic.
Maybe it would make sense that if the set is loaded from the part of the file system that is managed by suricata-update, it is static.
- Status changed from Assigned to Closed
Also available in: Atom
PDF