[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oisf-users
Subject:    Re: [Oisf-users] Suricata rule/config errors
From:       Russell Fulton <r.fulton () auckland ! ac ! nz>
Date:       2014-09-15 19:43:00
Message-ID: 77724A95-A804-4C67-B913-3B347E9FDDD6 () auckland ! ac ! nz
[Download RAW message or body]


On 16/09/2014, at 1:50 am, Peter Manev <petermanev@gmail.com> wrote:
> 
> Hi,
> I noticed that you have -
> Rules/raw/
> 
> then you are also referring to -
> cat /home/sensors/dmzo/Rules/local.rules
> 
> which leads me to the question if your rules directory is the same in
> suricata.yaml?

They are two different machines.  I have a manager from which I download the tar \
balls once.  Puppet then pushes these out to the sensors and triggers a run of \
pulledpork to produce the final ruleset which in turn triggers a reload of suricata.

I will however go back and double check everything again!

Russell
_______________________________________________
Suricata IDS Users mailing list: oisf-users@openinfosecfoundation.org
Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
OISF: http://www.openinfosecfoundation.org/


[prev in list] [next in list] [prev in thread] [next in thread]