Open nyukers opened 2 years ago
Is it possible to share the rule or the error it produces ?
alert http any any -> any any (msg:"SURICATA TRAFFIC-ID: nyukers"; content:"nyukers.blogspot.com"; isdataat:!1,relative; noalert; sid:400000001; rev:1;)
It seems it loads fine here
Do you use the docker version or the ISO ?
ISO, no desktop. Why your Suricata status is brown?
Status became green after a few seconds, but what is important is that the rules says it is valid
and active
as on the screenshot - if you have the same you should be good.
Ok, I have got it. Maybe problem is placed on my side.)
Is there an existing issue for this?
Current Behavior
Ruleset has errors Unable to check ruleset validityInternal Server Error
Expected Behavior
Source is valid Source activated in "MyRuleSet"
Steps To Reproduce
1) I try to apply my custom rule to Suricata (SELKS6) from file. Name: My Test Rules Method: Upload Datatype: Other content Use IP reputation for group signatures: check Add source to the following ruleset(s): MyRuleSet File: my.rules
2) Result: 'My Test Rules' source initialisation Source fully activated. Source updated Source is valid Source activated in "MyRuleSet" See details of My Test Rules source.
3)However look to Sources: My Test Rules Last update: Feb. 4, 2022, 1 p.m. 0 Categories 0 Rules
Source: My Test Rules@HEAD Source fetched from None Ruleset has errors Unable to check ruleset validityInternal Server Error
I can't understand it. Where I made failed step?
Anything else?
No response