Optimization #3974
closed
Cleanup help output
Description
Suricata help output is way too verbose. We can do some Python tricks to hide many of the command line options behind another command line option. For example, we could probably only show the following in a basic suricata-update --help request:

    -h, --help            show this help message and exit
    -v, --verbose         Be more verbose
    -q, --quiet           Be quiet, warning and error messages only
    -D <directory>, --data-dir <directory>
                          Data directory (default: /var/lib/suricata)
    -c <filename>, --config <filename>
                          configuration file (default: /etc/suricata/update.yaml)
    --suricata-conf <filename>
                          configuration file (default: /etc/suricata/suricata.yaml)
    --suricata <path>     Path to Suricata program
    --suricata-version <version>
                          Override Suricata version
    --no-check-certificate
                          Disable server SSL/TLS certificate verification
    -V, --version         Display version
    -o <directory>, --output <directory>
                          Directory to write rules to
    -f, --force           Force operations that might otherwise be skipped
    --url <url>           URL to use instead of auto-generating one (can be specified multiple times)
    --local <path>        Local rule files or directories (can be specified multiple times)
    --disable-conf <filename>
                          Filename of rule disable filters
    --enable-conf <filename>
                          Filename of rule enable filters
    --modify-conf <filename>
                          Filename of rule modification filters
    --drop-conf <filename>
                          Filename of drop rule filters
    --etopen              Use ET-Open rules (default)
    --reload-command <command>
                          Command to run after update if modified
    --no-reload           Disable reload
    -T <command>, --test-command <command>
                          Command to test Suricata configuration
    --no-test             Disable testing rules with Suricata
    --offline             Run offline using most recent cached rules

    other commands:
      update-sources      Update the source index
      list-sources        List available sources
      enable-source       Enable a source from the index
      disable-source      Disable an enabled source
      remove-source       Remove an enabled or disabled source
      add-source          Add a new source by URL
      check-versions      Check version of suricata-update
We could probably trim it down further.
We may also want to consider deprecating features such as:
- threshold.conf generation
- sid-msg map output (may make this into its own sub-command)
- --etopen (this is from before we defaulted to et/open)
- --no-merge
- --yaml-fragment
Updated by Shivani Bhardwaj over 4 years ago
- Assignee changed from Shivani Bhardwaj to Community Ticket
- Label Outreachy, Python added
Updated by Udokaku Ugochukwu over 4 years ago
Jason Ish wrote:
Suricata help output is way too verbose. We can do some Python tricks to hide many of the command line options behind another command line option. For example, we could probably only show the following in a basic suricata-update --help request:
[...]
We could probably trim it down further.
We may also want to consider deprecating features such as:
- threshold.conf generation
- sid-msg map output (may make this into its own sub-command)
- --etopen (this is from before we defaulted to et/open)
- --no-merge
- --yaml-fragment
Hi, what are the steps for reproducing this problem? I would love to work on this project.
Updated by Jason Ish over 4 years ago
Outreachy note: Please don't deprecate any options, those are more open questions for discussion at this time. Please limit modifications to cleaning up the help output, and hiding those extra options behind a "--show-all-help" flag of some sort.
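One way to hide extra options behind a "--show-all-help" flag with argparse, as an added example that is not part of the ticket or suricata-update's own code. The split into basic and extra options, the help strings for `--no-merge` and `--yaml-fragment`, and the names `build_parser` and `help_text` are assumptions made for the illustration.

```python
import argparse

# Constructed option tables. BASIC entries come from the trimmed list in the
# ticket; the EXTRA help strings are written for this example.
BASIC = [
    (("-v", "--verbose"), {"action": "store_true", "help": "Be more verbose"}),
    (("-o", "--output"), {"metavar": "<directory>",
                          "help": "Directory to write rules to"}),
    (("--no-check-certificate",), {"action": "store_true",
     "help": "Disable server SSL/TLS certificate verification"}),
]
EXTRA = [
    (("--no-merge",), {"action": "store_true",
                       "help": "Do not merge rules into a single file"}),
    (("--yaml-fragment",), {"metavar": "<filename>",
                            "help": "Write a YAML fragment for rule inclusion"}),
]


def build_parser(argv):
    """Build the parser; EXTRA options are listed only with --show-all-help."""
    show_all = "--show-all-help" in argv
    # allow_abbrev=False: otherwise "--show-all" would trigger the help action
    # while the pre-scan above misses it, printing the short help instead.
    parser = argparse.ArgumentParser(prog="suricata-update", allow_abbrev=False)
    parser.add_argument("--show-all-help", action="help",
                        help="Show help for all options and exit")
    for flags, kwargs in BASIC:
        parser.add_argument(*flags, **kwargs)
    for flags, kwargs in EXTRA:
        kwargs = dict(kwargs)
        if not show_all:
            # SUPPRESS removes the option from the help and usage text only;
            # it is still parsed and still takes effect when passed.
            kwargs["help"] = argparse.SUPPRESS
        parser.add_argument(*flags, **kwargs)
    return parser


def help_text(argv):
    """Return the help output a user would see for this command line."""
    return build_parser(argv).format_help()


if __name__ == "__main__":
    import sys
    print(build_parser(sys.argv[1:]).parse_args())
```

Hidden options keep working, so security-relevant switches such as `--no-check-certificate` are better left in the short help where an operator reviewing a command line can look them up.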
Updated by Tharushi Jayasekara over 4 years ago
- Assignee changed from Community Ticket to Tharushi Jayasekara
Updated by Jason Ish over 4 years ago
- Status changed from New to In Review