Documentation #4665: Update docs to include information about file* functionality - Suricata-Update - Open Information Security Foundation

Actions

Copy link

Documentation #4665

open

JS JI

Update docs to include information about file* functionality

Documentation #4665: Update docs to include information about file* functionality

Added by Jascha Sticher over 4 years ago. Updated over 4 years ago.

Status:

New

Priority:

Normal

Assignee:

Jason Ish

Target version:

Affected Versions:

Effort:

Difficulty:

Label:

Description

Hi Everyone,

we deploy our own custom ruleset via suricata-update. We recently added filehashes and stumbled upon a curious quirk, that doesn't seem to be documented very well.

When deploying hashes-files with the *.tgz file, they are only put into /var/lib/suricata if they are also referenced by a rule.

I volunteer to update the documentation to reflect this behaviour, but I'm not sure on where the correct place inside the docs is.

Kind regards,

Jascha

History
Notes
Property changes

Actions

Copy link

Also available in: PDF Atom

Project

General

Profile

Suricata » Suricata-Update