Please kindly add the Suricata rule 'sid' and 'alert' message to the Suricata section of the Dashboard
Background Context
During the documentation review, it was discovered that the current design of the Suricata section doesn't provide enough information to allow users to search for the source Suricata rules.
Purpose
The user would like to investigate the Suricata rule which generated the alert.
Workflow
User selects an alert from the Suricata section of the dashboard.
Next, the user copies the 'sid' or the alert 'msg' to the clipboard.
User then opens suricata.rules and searches the file content using the sid or msg as the search phrase.
User narrows down to the right Suricata rule that generated the message.
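The lookup the workflow above performs by hand, as an added example that is not part of this issue or the project's code: it indexes a constructed suricata.rules snippet by sid and msg and resolves a constructed EVE JSON alert (its alert.signature_id / alert.signature fields, which is what a dashboard would show) to the rule line that produced it. Rule text, sids and the alert record are all made up for the example.

```python
import re

# Constructed sample of a suricata.rules file (not from the project).
SAMPLE_RULES = r'''
# comment line
alert tcp $HOME_NET any -> $EXTERNAL_NET 4444 (msg:"LOCAL Outbound connection to port 4444"; flow:established,to_server; sid:1000001; rev:2; classtype:trojan-activity;)
alert http any any -> any any (msg:"LOCAL Suspicious User-Agent curl"; http.user_agent; content:"curl"; sid:1000002; rev:1;)
#alert dns any any -> any any (msg:"LOCAL Disabled rule"; sid:1000003; rev:1;)
'''

# Constructed EVE JSON alert record, shaped like the event a dashboard displays.
SAMPLE_ALERT = {"event_type": "alert",
                "alert": {"signature_id": 1000001, "rev": 2,
                          "signature": "LOCAL Outbound connection to port 4444"}}

# A rule is <action> <header> ( <options> ); the options carry sid and msg.
RULE_RE = re.compile(r'^(?P<action>alert|drop|reject|pass)\s+.*?\((?P<opts>.*)\)\s*$')
SID_RE = re.compile(r'\bsid\s*:\s*(\d+)\s*;')
MSG_RE = re.compile(r'\bmsg\s*:\s*"((?:[^"\\]|\\.)*)"\s*;')  # allows \" inside msg


def parse_rules(text):
    """Return one dict per rule line: sid, msg, file line number, rule text, enabled flag.
    Commented-out rules (leading '#') are kept but marked disabled, since an alert
    may have been raised by a rule that was later disabled."""
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        enabled = not line.startswith('#')
        body = line.lstrip('#').strip()
        m = RULE_RE.match(body)
        if not m:
            continue  # ordinary comment or a line this parser does not handle
        opts = m.group('opts')
        sid = SID_RE.search(opts)
        if not sid:
            continue  # every valid rule has a sid; skip malformed lines
        msg = MSG_RE.search(opts)
        rules.append({'sid': int(sid.group(1)), 'msg': msg.group(1) if msg else None,
                      'line': lineno, 'rule': body, 'enabled': enabled})
    return rules


def find_rule_for_alert(rules, alert_event):
    """Resolve an EVE alert to its rule(s): exact sid match first, msg text as fallback."""
    sid = alert_event['alert']['signature_id']
    by_sid = [r for r in rules if r['sid'] == sid]
    if by_sid:
        return by_sid
    msg = alert_event['alert'].get('signature')
    return [r for r in rules if r['msg'] == msg]
```

A sid match is authoritative; a msg match is only a fallback, since two rules may share msg text while sids are meant to be unique.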