.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.47.10.
.TH SURICATA-UPDATE "1" "May 2019" "suricata-update version 1.0.5" "User Commands"
.SH NAME
suricata-update \- tool to update Suricata sources
.SH DESCRIPTION
usage: suricata\-update update [\-h] [\-v] [\-q] [\-D <directory>] [\-c <filename>]
.TP
[\-\-suricata\-conf <filename>] [\-\-suricata <path>]
[\-\-suricata\-version <version>]
[\-\-user\-agent <user\-agent>]
[\-\-no\-check\-certificate] [\-V] [\-o <directory>]
[\-f] [\-\-yaml\-fragment <filename>] [\-\-url <url>]
[\-\-local <path>] [\-\-sid\-msg\-map <filename>]
[\-\-sid\-msg\-map\-2 <filename>]
[\-\-disable\-conf <filename>]
[\-\-enable\-conf <filename>]
[\-\-modify\-conf <filename>]
[\-\-drop\-conf <filename>] [\-\-ignore <pattern>]
[\-\-no\-ignore] [\-\-threshold\-in <filename>]
[\-\-threshold\-out <filename>]
[\-\-dump\-sample\-configs] [\-\-etopen]
[\-\-reload\-command <command>] [\-\-no\-reload]
[\-T <command>] [\-\-no\-test] [\-\-no\-merge]
.SS "optional arguments:"
.TP
\fB\-h\fR, \fB\-\-help\fR
show this help message and exit
.TP
\fB\-v\fR, \fB\-\-verbose\fR
Be more verbose
.TP
\fB\-q\fR, \fB\-\-quiet\fR
Be quiet, warning and error messages only
.TP
\fB\-D\fR <directory>, \fB\-\-data\-dir\fR <directory>
Data directory (default: \fI\,/var/lib/suricata\/\fP)
.TP
\fB\-c\fR <filename>, \fB\-\-config\fR <filename>
configuration file (default:
\fI\,/etc/suricata/update.yaml\/\fP)
.TP
\fB\-\-suricata\-conf\fR <filename>
configuration file (default:
\fI\,/etc/suricata/suricata.yaml\/\fP)
.TP
\fB\-\-suricata\fR <path>
Path to Suricata program
.TP
\fB\-\-suricata\-version\fR <version>
Override Suricata version
.TP
\fB\-\-user\-agent\fR <user\-agent>
Set custom user\-agent string
.TP
\fB\-\-no\-check\-certificate\fR
Disable server SSL/TLS certificate verification
.TP
\fB\-V\fR, \fB\-\-version\fR
Display version
.TP
\fB\-o\fR <directory>, \fB\-\-output\fR <directory>
Directory to write rules to
.TP
\fB\-f\fR, \fB\-\-force\fR
Force operations that might otherwise be skipped
.TP
\fB\-\-yaml\-fragment\fR <filename>
Output YAML fragment for rule inclusion
.TP
\fB\-\-url\fR <url>
URL to use instead of auto\-generating one (can be
specified multiple times)
.TP
\fB\-\-local\fR <path>
Local rule files or directories (can be specified
multiple times)
.TP
\fB\-\-sid\-msg\-map\fR <filename>
Generate a sid\-msg.map file
.TP
\fB\-\-sid\-msg\-map\-2\fR <filename>
Generate a v2 sid\-msg.map file
.TP
\fB\-\-disable\-conf\fR <filename>
Filename of rule disable filters
.TP
\fB\-\-enable\-conf\fR <filename>
Filename of rule enable filters
.TP
\fB\-\-modify\-conf\fR <filename>
Filename of rule modification filters
.TP
\fB\-\-drop\-conf\fR <filename>
Filename of drop rules filters
.TP
\fB\-\-ignore\fR <pattern>
Filenames to ignore (can be specified multiple times;
default: *deleted.rules)
.TP
\fB\-\-no\-ignore\fR
Disables the ignore option.
.TP
\fB\-\-threshold\-in\fR <filename>
Filename of rule thresholding configuration
.TP
\fB\-\-threshold\-out\fR <filename>
Output of processed threshold configuration
.TP
\fB\-\-dump\-sample\-configs\fR
Dump sample config files to current directory
.TP
\fB\-\-etopen\fR
Use ET\-Open rules (default)
.TP
\fB\-\-reload\-command\fR <command>
Command to run after update if modified
.TP
\fB\-\-no\-reload\fR
Disable reload
.TP
\fB\-T\fR <command>, \fB\-\-test\-command\fR <command>
Command to test Suricata configuration
.TP
\fB\-\-no\-test\fR
Disable testing rules with Suricata
.TP
\fB\-\-no\-merge\fR
Do not merge the rules into a single file
.SS "other commands:"
.TP
update\-sources
Update the source index
.TP
list\-sources
List available sources
.TP
enable\-source
Enable a source from the index
.TP
disable\-source
Disable an enabled source
.TP
remove\-source
Remove an enabled or disabled source
.TP
list\-enabled\-sources
List all enabled sources
.TP
add\-source
Add a new source by URL