Convert Snort rules to Suricata rules and vice versa

Hello suricata community!

I am a newbie to suricata and I am trying to get the hang out of snort as well. I’ve read somehwere that snort rules are compatible with the suricata detection engine. But when I try to use snort rules in suricata I get error messages like “SC_ERR_INVALID_SIGNATURE”. Now I know that there are certain options that differ in both NIDS. So my question is whether someone knows if there is an easy way (e.g. some function in a library) to convert snort3 rules into suricata valid rules and vice versa.

Thank you!

You could take a look at https://github.com/google/gonids and see if that does what you are looking for.

JT

1 Like