Project

General

Profile

Actions
Copy link

Documentation #4706

open

Guide for rulewriting

Added by Juliana Fajardini Reichow over 3 years ago. Updated 11 months ago.

Status:
New
Priority:
Normal
Assignee:
Community Ticket
Target version:
TBD
Affected Versions:
Effort:
Difficulty:
Label:

Description

There is some documentation on Suricata rules (https://suricata.readthedocs.io/en/latest/rules/intro.html), and there have been trainings and a webinar (https://www.youtube.com/watch?v=tvoqFBVSShA), but we still miss a more complete guide which one can follow if they want to learn how to go from some malicious traffic to a rule that could detect such activity.

Related issues 2 (2 open0 closed)

Related to Suricata - Documentation #1892: rule docs should include example rulesNewCommunity TicketActions
Related to Suricata - Documentation #4662: Add documentation section covering Suricata rule grammarNewCommunity TicketActions
Actions
Copy link
 #1

Updated by Juliana Fajardini Reichow over 3 years ago

Actions
Copy link
 #2

Updated by Juliana Fajardini Reichow almost 2 years ago

  • Assignee set to Community Ticket
  • Target version changed from TBD to 8.0.0-beta1
Actions
Copy link
 #3

Updated by Victor Julien 11 months ago

  • Target version changed from 8.0.0-beta1 to TBD
Actions
Copy link

Also available in: Atom PDF