-
Right now, the default log level is info; adding -v is debug. A better option for -v is somewhere between debug and info, then perhaps -vv for debug.
One idea:
- Default: Notice logging. Most logs…
-
```
cd /tmp
git clone https://github.com/jasonish/py-idstools
cd py-idstools
git rev-parse HEAD
#6821df33bfaaf39331cf27843144d48cc3f9b8dc
PYTHONPATH=. python3 bin/idstools-rulecat -o /etc/surica…
```
-
This request is divided into two steps:
## 1. Snort community rules are not handled properly:
```
$ idstools-rulecat --url "https://www.snort.org/rules/community" --merged community.rules
2017-05-16 …
```
-
The rulecat script, when using the option `--merged`, always generates a report [as you can see in the code](https://github.com/jasonish/py-idstools/blob/master/idstools/scripts/rulecat.py#L416), WHICH is lo…
-
idstools-rulecat crashes with an exception when using Python 3 and Suricata is installed:
```
[root@9d3d1f76ead0 ~]# idstools-rulecat
Traceback (most recent call last):
File "/usr/bin/idstools-…
```
-
I am merging Suricata ET rules on a server where the Suricata daemon is not present, but I know which version of it runs on the boxes. However, rulecat doesn't use the '-enhanced' ruleset in such a case, it g…
-
rpmlint (a tool for checking RPM packaging style) uses the shebang to decide whether a Python file is a script.
https://github.com/jasonish/py-idstools/tree/1dccb619555097cbbddb60095fd8f7da385c722a/ids…
-
I have the following in my disable.conf file:
re:.*
re:^#.*
re:ET.\* TOR
re:ET.\* SCADA
re:ET.\* SCADA_SPECIAL
re:ET.\* DELETED
re:ET.\* SURICATA STREAM
and some individual rule IDs. Then, in my ena…
-
Here is the end of the run. Rules download properly, but the merged rule file is never updated. If I run with no arguments it grabs the open source rules and does not appear to error out.
Enabled 480…