Rule Updates

The command suricata-update can be used to manage the running rule set if a custom source is available via HTTPS.

The suricata-rule-update file is located at /home/plixer/flowpro/rules/suricata-rule-update.yaml.

This file contains the following sections:

  • disable-conf: A path to a file containing match statements for conditional rule exclusion. See the Example Configuration to Disable Rules for more information.

  • ignore: A list used to exclude local custom filenames from duplication. Each entry can be an absolute path, or a relative one if the file is located in /home/plixer/flowpro/rules.

  • sources: The URL pointing to a custom Suricata rule source.

All other suricata-rule-update configuration entries are managed by the system.
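
A sketch of how the three user-managed sections described above fit together, added here as an illustration and not taken from the file shipped with the product. The disable.conf location, the rule filenames and the rules.example.com URL are placeholders, and the list syntax for ignore and sources is assumed to follow the upstream suricata-update configuration format.

```yaml
# Illustrative layout only: every path, filename and URL below is a placeholder.

# Path to the file holding the match statements for conditional rule exclusion.
disable-conf: /home/plixer/flowpro/rules/disable.conf   # assumed location

# Local custom rule files to exclude from duplication.
ignore:
  - /home/plixer/flowpro/rules/site-custom.rules   # absolute path
  - lab-custom.rules                               # relative to /home/plixer/flowpro/rules

# Custom Suricata rule source. It must be reachable over HTTPS.
sources:
  - https://rules.example.com/custom.rules
  # - http://rules.example.com/custom.rules   # plain HTTP does not meet the HTTPS requirement
```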