Documentation #4706

open

Guide for rulewriting

Added by Juliana Fajardini Reichow over 3 years ago. Updated 6 months ago.

Status: New
Priority: Normal

Description

There is some documentation on Suricata rules (https://suricata.readthedocs.io/en/latest/rules/intro.html), and there have been trainings and a webinar (https://www.youtube.com/watch?v=tvoqFBVSShA), but we still miss a more complete guide which one can follow if they want to learn how to go from some malicious traffic to a rule that could detect such activity.


Related issues 2 (2 open, 0 closed)

Related to Suricata - Documentation #1892: rule docs should include example rules | New | Community Ticket
Related to Suricata - Documentation #4662: Add documentation section covering Suricata rule grammar | New | Community Ticket

#1

Updated by Juliana Fajardini Reichow over 3 years ago

#2

Updated by Juliana Fajardini Reichow over 1 year ago

  • Assignee set to Community Ticket
  • Target version changed from TBD to 8.0.0-beta1

#3

Updated by Victor Julien 6 months ago

  • Target version changed from 8.0.0-beta1 to TBD