Documentation #4706

open

Guide for rulewriting

Added by Juliana Fajardini Reichow about 1 year ago. Updated about 1 year ago.

Status: New
Priority: Normal
Assignee: -
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

There is some documentation on Suricata rules (https://suricata.readthedocs.io/en/latest/rules/intro.html), and there have been trainings and a webinar (https://www.youtube.com/watch?v=tvoqFBVSShA), but we are still missing a more complete guide which one can follow if they want to learn how to go from some malicious traffic to a rule that could detect such activity.


Related issues 2 (2 open, 0 closed)

Related to Documentation #1892: rule docs should include example rules (New, Community Ticket)
Related to Documentation #4662: Add documentation section covering Suricata rule grammar (New, Community Ticket)