im read suricata documentation, and do not understand thank you for your explation.
Hi, welcome to the community!
Suricata’s documentation covers byte_test and includes example:
https://suricata.readthedocs.io/en/latest/rules/payload-keywords.html#byte-test
If you have source code access (GitHub - OISF/suricata: Suricata git repository maintained by the OISF) you can peruse the examples in the unittests for byte_test – see src/detect-bytetest.c
Thank you mate , i will see github page. 