How and where to get new rules?

e-ferrari · September 3, 2023, 7:33pm

Hi,
i’m new to Suricata and IDS/IPS.
I’m thinking of protecting some hosts with Suricata. I think that the quality of an IDS stands and falls with the quality and up-to-dateness of the rules. Correct ?
How often are the rules for Suricata updated ? Can i automate the procedure of updating the rules ?

Thanks.

Bernd

Jeff_Lucovsky · September 5, 2023, 12:24pm

Suricata does not manage rulesets; we’ve developed suricata-update to help with that task.

Suricata-update is documented in a few places

Topic		Replies	Views
Is there a way to periodically check if the latest ruleset is used Rules	0	283	February 23, 2021
Several questions on external rules Help	2	885	December 2, 2020
How to enable Suricata rules to be updated automatically Help	1	395	November 26, 2021
Rules database connectivity Developers	16	1944	July 23, 2021
Can I use suricata-update to update any rules? Help	10	1331	February 16, 2022

How and where to get new rules?

Related Topics