
SURICATA-UPDATE(1) User Commands SURICATA-UPDATE(1)

NAME

suricata-update - tool to update Suricata sources

DESCRIPTION

usage: suricata-update update [-h] [-v] [-q] [-D <directory>] [-c <filename>]
    [--suricata-conf <filename>] [--suricata <path>]
    [--suricata-version <version>] [--user-agent <user-agent>]
    [--no-check-certificate] [-V] [-o <directory>] [-f]
    [--yaml-fragment <filename>] [--url <url>] [--local <path>]
    [--sid-msg-map <filename>] [--sid-msg-map-2 <filename>]
    [--disable-conf <filename>] [--enable-conf <filename>]
    [--modify-conf <filename>] [--drop-conf <filename>]
    [--ignore <pattern>] [--no-ignore] [--threshold-in <filename>]
    [--threshold-out <filename>] [--dump-sample-configs] [--etopen]
    [--reload-command <command>] [--no-reload] [-T <command>]
    [--no-test] [--no-merge]

optional arguments:

-h
    show this help message and exit

-v
    Be more verbose

-q
    Be quiet, warning and error messages only

-D <directory>
    Data directory (default: /var/lib/suricata)

-c <filename>
    configuration file (default: /etc/suricata/update.yaml)

--suricata-conf <filename>
    configuration file (default: /etc/suricata/suricata.yaml)

--suricata <path>
    Path to Suricata program

--suricata-version <version>
    Override Suricata version

--user-agent <user-agent>
    Set custom user-agent string

--no-check-certificate
    Disable server SSL/TLS certificate verification

-V
    Display version

-o <directory>
    Directory to write rules to

-f
    Force operations that might otherwise be skipped

--yaml-fragment <filename>
    Output YAML fragment for rule inclusion

--url <url>
    URL to use instead of auto-generating one (can be specified multiple times)

--local <path>
    Local rule files or directories (can be specified multiple times)

--sid-msg-map <filename>
    Generate a sid-msg.map file

--sid-msg-map-2 <filename>
    Generate a v2 sid-msg.map file

--disable-conf <filename>
    Filename of rule disable filters

--enable-conf <filename>
    Filename of rule enable filters

--modify-conf <filename>
    Filename of rule modification filters

--drop-conf <filename>
    Filename of drop rules filters

--ignore <pattern>
    Filenames to ignore (can be specified multiple times; default: *deleted.rules)

--no-ignore
    Disables the ignore option.

--threshold-in <filename>
    Filename of rule thresholding configuration

--threshold-out <filename>
    Output of processed threshold configuration

--dump-sample-configs
    Dump sample config files to current directory

--etopen
    Use ET-Open rules (default)

--reload-command <command>
    Command to run after update if modified

--no-reload
    Disable reload

-T <command>
    Command to test Suricata configuration

--no-test
    Disable testing rules with Suricata

--no-merge
    Do not merge the rules into a single file
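
Several of the options above reduce the integrity checks on a rule update: --no-check-certificate, --no-test, and a --url that uses plain http. The following is an added example, not part of the suricata-update manual or project: a shell function that scans the arguments of a scheduled invocation for those options. The function name, the finding labels and the sample URLs are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the arguments of a suricata-update invocation
# (for instance one copied from a cron job or systemd unit) for options
# that weaken update integrity. Prints one finding per line; prints
# nothing when none of the checked options is present.
audit_update_cmd() {
    audit_expect_url=0
    for audit_arg in "$@"; do
        # The previous argument was --url, so this one is its value.
        if [ "$audit_expect_url" -eq 1 ]; then
            audit_expect_url=0
            case "$audit_arg" in
                http://*) echo "url-without-tls: $audit_arg" ;;
            esac
            continue
        fi
        case "$audit_arg" in
            # Server certificate is not verified during download.
            --no-check-certificate)
                echo "tls-verification-disabled: $audit_arg" ;;
            # Downloaded rules are not tested with Suricata before use.
            --no-test)
                echo "rule-test-skipped: $audit_arg" ;;
            # Value follows as the next argument.
            --url)
                audit_expect_url=1 ;;
            # Value attached with '=' and fetched over plain http.
            --url=http://*)
                echo "url-without-tls: ${audit_arg#--url=}" ;;
        esac
    done
    return 0
}

# Constructed sample invocation (placeholder host, not a real rule source).
audit_update_cmd suricata-update update -q \
    --no-check-certificate \
    --url http://rules.example.org/custom.rules \
    --no-test
```

An empty result only means none of these three conditions was found on the command line; settings in the configuration file given with -c are not inspected.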

other commands:

Update the source index
List available sources
Enable a source from the index
Disable an enabled source
Remove an enabled or disabled source
List all enabled sources
Add a new source by URL
May 2019 suricata-update version 1.0.5