Problema con mi primera regla

mario.bqa · April 21, 2022, 12:46pm

Buenas estoy siguendo este tutorial:
https://suricata.readthedocs.io/en/suricata-6.0.4/quickstart.html
Y en el paso 2.5 Alenting cuando pongo la alerta me sale un error (es copia y pega de la propia web y tambien he intentado copiar la regla del listado de reglas de /var/lib/suricata/rules)

Jeff_Lucovsky · April 21, 2022, 1:10pm

Hi,

Suricata loads rules from a rule file – so the alert .... string should be in a file, say my-suricata.rules and then launch Suricata with suricata -S /path/to/my-suricata.rules

mario.bqa · April 22, 2022, 7:31am

Muchas gracias, lo he intentado. Pero ahora me da un error:

Ya he cambiado los permisos del log de suricata

Jeff_Lucovsky · April 23, 2022, 12:14pm

Your user id doesn’t grant you write permission to the log file.

Check the permissions with ls -ld /var /var/log /var/log/suricata

You should have write access to /var/log/suricata and access to search /var and /var/log

Topic		Replies	Views
<Warning> - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /var/lib/suricata/rules/local.rules Help	4	8494	December 19, 2023
Cannot load my own rule Rules suricata	2	490	October 15, 2022
Suricata not loading rules Help	6	2463	May 4, 2021
How to run suricata rules on Centos 7 Help centos	3	1251	June 17, 2021
Instruction to write rules on Suricata Help	7	1809	February 12, 2021

Problema con mi primera regla

Related topics