Project

General

Profile

Actions

Feature #4149

open

Research: Dynamic datasets

Added by Jeff Lucovsky over 3 years ago. Updated over 3 years ago.

Status:
Feedback
Priority:
Normal
Target version:
Effort:
Difficulty:
Label:

Description

Chris G Nov 12th at 11:23 AM
We are not using datasets yet in production, but one big issue is our datasets are constantly changing and managing static files and suricata reloads is pain. What about tying a dataset to a Redis keyspace? Much easier to dynamically swap out data there. (edited)

2 replies

Andreas Herz 1 day ago
Can you elaborate a bit more why it's a pain?
Not to say that using something like redis might be worth to look into, right now it's only used for logging output

Chris G 1 day ago
Missed this one. Mostly because we already want that data in place where other applications can easily access and not worry about keeping it in sync. Also if I understand it correctly, we basically want to use dynamic sets exclusively and have them persist across restarts/reloads.


Related issues 1 (1 open0 closed)

Related to Suricata - Task #4097: Suricon 2020 brainstormAssignedVictor JulienActions
Actions

Also available in: Atom PDF